Browser Extension Bug Leads to Post Injection
A few years ago, we saw how a browser extension introduced a threat to serve unwanted ads. Today, the number of browser extensions available to users has grown, along with the risk for this similar behavior to occur.
We recently came across a similar case where several completely different websites contained what appeared to be a base64-encoded image, only visible from source-code view.
Base64 Encoded Images
There are a variety of approaches to displaying images on websites.