A vulnerability within the Avira Password Manager Browser Extensions provided a potential loophole where, if a user visited a page crafted by an attacker, the discovered vulnerability could trigger the Password Manager Extension to fill in the password field automatically. An attacker could then access this information via JavaScript. The issue was fixed with the browser extensions version 2.18.5 for Chrome, MS Edge, Opera, Firefox, and Safari.
References
Link | Resource |
---|---|
https://support.norton.com/sp/static/external/tools/security-advisories.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: NLOK
Published: 2022-04-12T16:11:34
Updated: 2022-04-12T16:11:34
Reserved: 2022-04-07T00:00:00
Link: CVE-2022-28795
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-12T17:15:10.940
Modified: 2022-04-20T14:35:52.933
Link: CVE-2022-28795
JSON object: View
Redhat Information
No data.
CWE