GAGANDEEP SINGH
10-March-2023
Security analysts discovered a flaw in the Bitwarden credentials autofill feature.
Bitwarden is a freemium password management service with an extension for web browsers that hold.
The autofill feature exhibits a dangerous behavior that could allow a malicious iframe into the website.
The iframe cannot access the content of the main page, but it can wait on login forms.
There is also a second issue, which the security firm found while investigating the iframe issue.
Bitwarden also autofills credentials on subdomains of the main website that matches the login.
Some content hosting providers allow hosting arbitrary content under a subdomain of their official domain.
The security analysts have now brought the flaw to the company's notice.
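
The two behaviours described above, modelled as an added example (not Bitwarden's code and not from the original article): one autofill decision function evaluated under a lax policy and a stricter one. The function names, policy labels, the two-label `baseDomain` shortcut, the choice to compare the saved login with the top-level page's host, and the `.example` hosts are all assumptions made for illustration.

```javascript
// Added illustration; every name here is hypothetical, not Bitwarden code.

// Naive "main website" key: the last two host labels. A real implementation
// needs the Public Suffix List; this shortcut only suits the sample hosts.
function baseDomain(host) {
  return host.split(".").slice(-2).join(".");
}

// Decide whether a saved login may be filled into a form that lives in
// frameUrl, rendered inside the page at topUrl.
function shouldAutofill(savedUri, topUrl, frameUrl, policy) {
  const saved = new URL(savedUri);
  const top = new URL(topUrl);
  const frame = new URL(frameUrl);

  // Check 1: the frame holding the form must share the top page's origin,
  // otherwise an embedded third-party iframe receives the fill.
  if (policy.requireSameOriginFrame && frame.origin !== top.origin) {
    return { fill: false, reason: "cross-origin iframe" };
  }

  // Check 2: how the page's host is compared with the saved login's host.
  const match = policy.match === "exact-host"
    ? top.hostname === saved.hostname
    : baseDomain(top.hostname) === baseDomain(saved.hostname);
  return match ? { fill: true, reason: "ok" }
               : { fill: false, reason: "host mismatch" };
}

const LAX = { match: "base-domain", requireSameOriginFrame: false };
const STRICT = { match: "exact-host", requireSameOriginFrame: true };

// Constructed sample data (reserved .example names): [label, top page, frame].
const SAVED = "https://login.hosting.example/";
const CASES = [
  ["login page itself", "https://login.hosting.example/", "https://login.hosting.example/"],
  ["third-party iframe", "https://login.hosting.example/", "https://widgets.other.example/f"],
  ["user-content subdomain", "https://user1.hosting.example/", "https://user1.hosting.example/"],
];

// Returns [label, fill?] pairs for one policy across all sample cases.
function evaluate(policy) {
  return CASES.map(([label, top, frame]) =>
    [label, shouldAutofill(SAVED, top, frame, policy).fill]);
}

console.log("lax   ", JSON.stringify(evaluate(LAX)));
console.log("strict", JSON.stringify(evaluate(STRICT)));
```

Under the lax policy all three cases are filled; under the strict policy only the login page itself is.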