Mailvelope before 3.3.0 allows private key operations without user interaction via its client-API. By modifying an URL parameter in Mailvelope, an attacker is able to sign (and encrypt) arbitrary messages with Mailvelope, assuming the private key password is cached. A second vulnerability allows an malicious user to decrypt an arbitrary message when the GnuPG backend is used in Mailvelope.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mailvelope mailvelope |