Domain Confusion Vulnerability in Uniqkey Password Manager 1.14

Domain Confusion Vulnerability in Uniqkey Password Manager 1.14

CVE-2019-10884 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing campaigns and create a sense of false security.

Learn more about our Phishing Simulation.