Polish security researcher unveiled the flaw in a cross-browser sharing API that could allow attackers to steal user files. Read more