9 matches found
CVE-2025-1987
A Cross-Site Scripting XSS vulnerability has been identified in Psono-Client’s handling of vault entries of type websitepassword and bookmark, as used in Bitdefender SecurePass. The client does not properly sanitize the URL field in these entries. As a result, an attacker can craft a malicious...
EUVD-2025-18823
Malicious code in bioql PyPI...
CVE-2025-1987
A Cross-Site Scripting XSS vulnerability has been identified in Psono-Client’s handling of vault entries of type websitepassword and bookmark, as used in Bitdefender SecurePass. The client does not properly sanitize the URL field in these entries. As a result, an attacker can craft a malicious...
CVE-2025-1987
A Cross-Site Scripting XSS vulnerability has been identified in Psono-Client’s handling of vault entries of type websitepassword and bookmark, as used in Bitdefender SecurePass. The client does not properly sanitize the URL field in these entries. As a result, an attacker can craft a malicious...
CVE-2025-1987 Stored XSS in Psono-Client via Malicious Vault Entry URLs
A Cross-Site Scripting XSS vulnerability has been identified in Psono-Client’s handling of vault entries of type websitepassword and bookmark, as used in Bitdefender SecurePass. The client does not properly sanitize the URL field in these entries. As a result, an attacker can craft a malicious...
CVE-2025-1987 Stored XSS in Psono-Client via Malicious Vault Entry URLs
A Cross-Site Scripting XSS vulnerability has been identified in Psono-Client’s handling of vault entries of type websitepassword and bookmark, as used in Bitdefender SecurePass. The client does not properly sanitize the URL field in these entries. As a result, an attacker can craft a malicious...
CVE-2025-1987
CVE-2025-1987 describes a stored XSS in Psono-Client via malicious vault entries (website_password and bookmark) with un sanitised URL fields, used in Bitdefender SecurePass. A crafted javascript: URL can execute in the browser when a user interacts with the entry, potentially accessing the user’...
PSONO Client 跨站脚本漏洞
PSONO Client is a PSONO client for psono individual developers. A cross-site scripting vulnerability exists in PSONO Client that stems from not properly cleaning URL fields, which could lead to cross-site scripting attacks...
PT-2025-26523 · Unknown · Psono-Client
Name of the Vulnerable Software and Affected Versions: Psono-Client affected versions not specified Description: A Cross-Site Scripting XSS issue has been identified in Psono-Client's handling of vault entries of type website password and bookmark, as used in Bitdefender SecurePass. The client do...