In KeePassX prior to 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent malicious users to obtain sensitive information by reading the .xml dotfile.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
keepassx project keepassx |