Description
A vulnerability has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as problematic. This vulnerability affects unknown code. The manipulation leads to insufficiently protected credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-216274 is the identifier assigned to this vulnerability.
References (3)
Core 3
Core References
Exploit, Third Party Advisory
https://modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html
Third Party Advisory
https://vuldb.com/?id.216274
Exploit, Third Party Advisory
https://www.modzero.com/static/MZ-22-03_Passwordstate_Security_Disclosure_Report-v1.0.pdf
Scores
CVSS v3
4.3
EPSS
0.0085
EPSS Percentile
53.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-522
Status
published
Products (3)
clickstudios/passwordstate
9.5 build_9500 (7 CPE variants)
clickstudios/passwordstate
9.5.8.4
clickstudios/passwordstate
< 9.5
Published
Dec 19, 2022
Tracked Since
Feb 18, 2026