Class: Unknown
CVE:
Remote: Yes
Local: No
Published: Mar 21 2017 12:00AM
Credit: Travis Ormandy
Vulnerable: LastPass LastPass 2.5.1
LastPass LastPass 2.0.4
LastPass LastPass 4.1.21a
LastPass LastPass 4.1.20a
Not Vulnerable: LastPass LastPass 4.1.36a
Discussion
LastPass for Firefox Security Bypass Vulnerability
LastPass is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions.
Versions prior to LastPass 4.1.36a are vulnerable.
LastPass is prone to a security-bypass vulnerability.
Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions.
Versions prior to LastPass 4.1.36a are vulnerable.
Exploit
LastPass for Firefox Security Bypass Vulnerability
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
References
LastPass for Firefox Security Bypass Vulnerability
References:
References: