It turns out that halfway clever phishing attacks really, really work

They would basically need to be able to spoof the domain, as that seems to be how it works…or exploit the URL parser. There was a bug about this last year, but it was patched within 24 hours of discovery. I know that there are already some pretty clever other autofill hacks though, like this one that takes more info than it seems to be taking, though most of the more popular managers have protections against this sort of thing.
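The domain binding this comment refers to, as an added example that is not part of the original post or any real password manager's code: it compares a substring check on the raw URL with a check on the parsed origin. The saved entry, its shape, the function names and every URL are constructed assumptions.

```javascript
// Added example: the saved entry and all URLs are constructed for illustration.

// Credential entry bound to the exact origin it was saved on (hypothetical shape).
const savedEntry = { origin: "https://accounts.example.com", username: "alice" };

// Weak check: looks for the saved hostname anywhere in the raw URL string.
function naiveMatch(entry, pageUrl) {
  const host = new URL(entry.origin).hostname;
  return pageUrl.includes(host);
}

// Strict check: parse first, then compare scheme, host and port as one origin.
function strictMatch(entry, pageUrl) {
  let page;
  try {
    page = new URL(pageUrl);
  } catch {
    return false; // unparseable input never receives credentials
  }
  if (page.protocol !== "https:") return false;      // no fill over plain HTTP
  if (page.username || page.password) return false;  // refuse URLs carrying userinfo
  return page.origin === new URL(entry.origin).origin;
}

// Constructed sample URLs: one genuine, four lookalikes, one benign variant.
const samples = [
  "https://accounts.example.com/login",           // genuine
  "https://accounts.example.com.evil.test/login", // saved host used as a subdomain label
  "https://accounts.example.com@evil.test/login", // saved host placed in userinfo
  "https://evil.test/accounts.example.com/login", // saved host placed in the path
  "http://accounts.example.com/login",            // right host, wrong scheme
  "https://ACCOUNTS.example.com:443/login",       // same origin after normalization
];

function evaluate(entry, urls) {
  return urls.map((u) => ({
    url: u,
    naive: naiveMatch(entry, u),
    strict: strictMatch(entry, u),
  }));
}

for (const r of evaluate(savedEntry, samples)) {
  const verdict = r.strict ? "FILL " : "BLOCK";
  console.log(`${verdict} (naive: ${r.naive ? "fill" : "block"})  ${r.url}`);
}
```

The substring check fills on every lookalike and misses the benign upper-case variant, while the origin comparison fills only on the first and last URL.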