Cleartext Password Data Exposure in KeePassX XML Export

Cleartext Password Data Exposure in KeePassX XML Export

CVE-2015-8378 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML export action. This allows context-dependent attackers to obtain sensitive information by reading the .xml dotfile.

Learn more about our Web Application Penetration Testing UK.