Is Szafir SDK Web safe?

Medium risk

Legitimate Polish e-signature SDK with a postMessage vulnerability allowing untrusted web pages to send arbitrary commands to native messaging host without origin validation.

webmodule-groupv0.0.17.2Chrome Web Store
0Risk

AI-generated. Findings may contain errors. Those marked Verified have been manually reviewed.

Publishers can request a review.

Updated 18 May 2026gjalhnomhafafofonpdihihjnbafkipc