A Flaw in Bitwarden Autofill Feature Endangers User Credentials



Security Analysts discovered a flaw with the Bitwarden credentials autofill feature.

Bitwarden is a freemium password management service with an extension for web browsers that hold.

The autofill feature holds a dangerous behavior that could allow malicious iframe into the website.

Although the iframe cannot access the content on the main page and can wait to log in forms.

There’s still a second issue that the security firm found while investigating the iframe issue.

Bitwarden, also autofill the credentials on the sub-websites of the main website matching the login.

Some content hosting allows hosting arbitrary content under a subdomain of their official domain.

Now, the flaw has been brought to the notice of the company by the security analysts.

Read the full story here.