Full Disclosure mailing list archives

Quarking Password Manager 3.1.84 - Clickjacking Vulnerability

From: <gionreale () tutanota com>
Date: Mon, 24 Jun 2019 08:09:53 +0200 (CEST)



Quarking Password Manager 3.1.84 suffers from a clickjacking
vulnerability caused by allowing * within web_accessible_resources. An
attacker can take advantage of this vulnerability and cause significant
harm.

CVE-2019-12880

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

Quarking Password Manager 3.1.84 - Clickjacking Vulnerability gionreale (Jun 24)