3 matches found
CVE-2018-25081
Bitwarden through 2023.2.1 offers password auto-fill within a cross-domain IFRAME element. NOTE: the vendor's position is that there have been important legitimate cross-domain configurations e.g., an apple.com IFRAME element on the icloud.com website and that "Auto-fill on page load" is not...
CVE-2018-25081
CVE-2018-25081 concerns Bitwarden up to version 2023.2.1, where password auto-fill can occur within a cross-domain IFRAME element. The issue is described across multiple records as a cross-domain auto-fill risk, with the vendor noting legitimate use cases (e.g., apple.com in an icloud.com IFRAME)...
CVE-2018-25081
Bitwarden through 2023.2.1 offers password auto-fill within a cross-domain IFRAME element. NOTE: the vendor's position is that there have been important legitimate cross-domain configurations e.g., an apple.com IFRAME element on the icloud.com website and that "Auto-fill on page load" is not...