Where should I report a potential security issue with the browser extension?

Question

When the LastPass extension is active while editing user privileges on a website's admin page, the user id (a non-editable field) for any user is changed to the first id LastPass has in mind, resulting in setting wrong privileges. Should this even be possible, i.e. is the website code at fault?

LastPass Support · Answer

Thanks for reaching out.

For issues pertaining to LastPass security, you may follow the procedures listed within this support guide.

LastPass Support · Answer

HELLO! @delany.middleton​

Welcome to the LastPass Community.

We are sorry for the problem with your browser extension and the autofill feature.

More than a security issue, it is related to a problem with the autofill, we will need to make an investigation to better understand the issue. I will recommend you create a support case so one of our support agents can help you to find a solution for this behavior. You can create the support case using the steps below:

* From your LastPass vault, go to the top right corner click on your email address
* Click on Support center
* Top right corner clicks on "Loging to Support"
* Then Click on "Contact US"
* You will be able to choose the best option for you, A callback request or a Support case.

We apologize in advance, please let us know if there is something else, we can do for you.

Greetings!

Verlaine | Customer Care

delany.middleton · Answer

I am not a paid customer so a callback request/support case is not an option.

I am not having a problem using your software, I am telling you it is possible your software that has a problem. If LastPass has no way of being contacted by users who find an issue with the software then that doesn't bode well.