
Proton Pass has rolled out a critical security update that mitigates a DOM-based clickjacking vulnerability demonstrated last summer at DEF CON 33.
The issue, which affected every major browser-extension password manager tested, lets an attacker trigger sensitive extension UI such as the autofill prompt, invisibly, with a single deceptive click.
Tóth, a Czech security researcher, presented a new class of clickjacking attacks that targets the way password manager extensions inject interactive elements into the web page's DOM. Because the autofill dropdown and similar controls live in the page's own DOM, a script running on that page can restyle or cover them with ordinary JavaScript and CSS. By manipulating the visibility or layering of these elements, an attacker can build a convincing decoy that tricks users into unknowingly authorizing sensitive actions, such as credential autofill or exposure of 2FA codes.
Proton Pass was one of 11 password managers shown to be vulnerable to this method during Tóth's presentation. The flaw has now been addressed in version 1.31.6 of the Proton Pass browser extension, which hardens the extension's DOM-injected components and UI overlays against this kind of manipulation.
The attack method disclosed by Tóth undermines a longstanding assumption about manual autofill. Manual autofill, in which credentials are filled only after the user clicks the extension's dropdown, has traditionally been treated as the safer alternative to automatic autofill, because it requires a deliberate user action and gives the user a moment to assess the site's legitimacy. DOM-based clickjacking defeats that safeguard: the attacker's page hides or misaligns the injected dropdown and then collects the "deliberate" click from a user who believes they are clicking something else. Techniques include:
- Opacity manipulation: setting opacity: 0 on the injected element, or on an ancestor it inherits from, so the dropdown is rendered but invisible.
- Overlay attacks: a decoy such as a fake cookie banner drawn over the dropdown with pointer-events: none, so the user's click passes straight through the decoy to the extension control underneath.
- Shadow DOM limitations: a shadow root isolates the dropdown's internal markup, but the host element is still an ordinary node in the page, so page CSS can hide it (for example with opacity: 0) without touching the shadow tree.
Tóth's tests confirmed that the attack worked against every manager tested, including 1Password, Bitwarden, LastPass, Enpass, and iCloud Passwords. Only a few vendors, among them Proton Pass, Keeper, Bitwarden, and Dashlane, had released fixes as of November 2025. Others, including 1Password and LastPass, have either dismissed the issue or classified it as "informative," indicating no intention to patch.
The implications are serious. A user could unknowingly authorize the autofill of passwords, credit card numbers, TOTP codes, or other sensitive data just by clicking a seemingly benign element such as a cookie banner or pop-up. The attacker needs only the ability to run script on a page for which the password manager holds credentials, not full control of the domain: an XSS flaw or a subdomain takeover on an otherwise legitimate site is enough.
Proton Pass users are advised to update immediately to version 1.31.6 and to enable automatic updates for the extension so that future fixes are applied as soon as they ship. Users who spend a lot of time on untrusted sites should consider disabling autofill in the extension entirely, since the attack depends on the injected autofill UI being present in the page.