CVE-2024-55224

Опубликовано: 09 янв. 2025

Источник: debian

Описание

An HTML injection vulnerability in Vaultwarden prior to v1.32.5 allows attackers to execute arbitrary code via injecting a crafted payload into the username field of an e-mail message.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
vaultwarden	itp			package

Связанные уязвимости

CVE-2024-55224

CVSS3: 9.6

nvd

около 1 года назад

An HTML injection vulnerability in Vaultwarden prior to v1.32.5 allows attackers to execute arbitrary code via injecting a crafted payload into the username field of an e-mail message.

GHSA-g5x8-v2ch-gj2g

github

около 1 года назад

Vaultwarden HTML injection vulnerability