CVE-2024-55224 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An HTML injection vulnerability in Vaultwarden prior to v1.32.5 allows attackers to execute arbitrary code via injecting a crafted payload into the username fie…
Critical CVSS: 9.6

CVE-2024-55224

An HTML injection vulnerability in Vaultwarden prior to v1.32.5 allows attackers to execute arbitrary code via injecting a crafted payload into the username field of an e-mail message.
Vendor
Dani-garcia
Product
Vaultwarden
CWE
CWE-79
Yayın Tarihi
2025-01-09 21:15:29
Güncelleme
2025-06-20 18:30:37
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-79 Vaultwarden CRITICAL Dani-garcia 2025

Referanslar

https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.4 https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.5 https://insinuator.net/2024/11/vulnerability-disclosure-authentication-bypass-in-vaultwarden-versions-1-32-5/