CVE-2024-55224 | Vaultwarden up to 1.32.5 E-Mail Message username cross site scripting

Posted by Angelo Barbosa | Jan 9, 2025 | CVE

A vulnerability was found in Vaultwarden up to 1.32.5. It has been declared as problematic. This vulnerability affects unknown code of the component E-Mail Message Handler. The manipulation of the argument username leads to basic cross site scripting.

This vulnerability was named CVE-2024-55224. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-55224 | Vaultwarden up to 1.32.5 E-Mail Message username cross site scripting

Related Posts

CVE-2024-39236 | Gradio 4.36.1 component_meta.py code injection

CVE-2024-5044 | Emlog Pro 2.3.4 Cookie AuthCookie improper authentication

CVE-2023-50422 | SAP cloud-security-services-integration-library up to 2.16.x/3.2.x authorization

CVE-2024-20418 | Cisco IOS XE Controller Web-based Management Interface command injection (cisco-sa-backhaul-ap-cmdinj-R7E28Ecs)