“Chrome’s enhanced spellcheck & Edge’s MS Editor are sending data you enter into form fields like username, email, DOB, SSN, basically anything in the fields, to sites you’re logging into from either of those browsers when the features are enabled. Furthermore, if you click on « show password, » the enhanced spellcheck even sends your password, essentially Spell-Jacking your data.”

Source : Chrome & Edge Enhanced Spellcheck Features Expose PII, Even Your Passwords | otto