9Oca
CVE-2024-55224 | Vaultwarden up to 1.32.5 E-Mail Message username cross site scripting
A vulnerability was found in Vaultwarden up to 1.32.5. It has been declared as problematic. This vulnerability affects unknown code of the component E-Mail Message Handler. The manipulation of the argument username leads to basic cross site scripting. This vulnerability was named CVE-2024-55224. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.