Vaultwarden HTML Injection Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A vulnerability allowing HTML injection has been identified in Vaultwarden versions prior to 1.32.5. This issue enables attackers to execute arbitrary code by injecting a crafted payload into the username field of an email message. The vulnerability arises because the application fails to properly sanitize input before including it in email templates, allowing for the insertion of malicious HTML.
Impact
Exploitation of this vulnerability could lead to unauthorized execution of code within the context of the user receiving the manipulated email.
Reproduction
To reproduce this vulnerability, inject a crafted HTML payload into the username field when sending an email through Vaultwarden. Once the email is received, the injected HTML will be executed, demonstrating the injection flaw.
Remediation
Users are advised to update to Vaultwarden version 1.32.5 or later, where this vulnerability has been fixed.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.