[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] KEYNTO Team Password Manager 1.5.0 - Cross Site Scripting [CVE-2019-13380]

To: Fulldisclosure <fulldisclosure@xxxxxxxxxxxx>
Subject: [FD] KEYNTO Team Password Manager 1.5.0 - Cross Site Scripting [CVE-2019-13380]
From: <gionreale@xxxxxxxxxxxx>
Date: Tue, 9 Jul 2019 10:22:04 +0200 (CEST)

KEYNTO Team Password Manager 1.5.0 allows XSS because data saved from websites 
is mishandled in the online vault.

Discovered by Gionathan Armando Reale

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] Polycom RealPresence Touch device vulnerable to Slowloris attack (hardware version 7; OS version 2.1.2-255)
Next by Date: [FD] Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
Previous by thread: [FD] Polycom RealPresence Touch device vulnerable to Slowloris attack (hardware version 7; OS version 2.1.2-255)
Next by thread: [FD] Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!
Index(es):
- Date
- Thread