Gaping security hole in Greasemonkey 0.4?
There are reports of a rather egregious security hole in the latest revision of Greasemonkey -- one that could allow a malicious website access to any local file. Worse -- the attacker wouldn't even need to know the name of the specific file they're looking for, as sending a GET request with a directory as an argument will return a parseable file listing. You may want to uninstall or downgrade if you're a Greasemonkey user.
[Via waxy]
