Researcher Benjamin Kunz Mejri of Vulnerability Lab said in an e-mail to Threatpost that he had discovered the hole in a software filter and validation feature in KeePass Password Manager up to and including v1.22. If exploited, the hole would enable an attacker with access to a machine running the KeePass software to inject malicious script by passing the html/xml export feature a specially crafted file.
A fortunate attacker would require a rigged URL with malevolent script code, a logging server with read, write and execute (chmod 777) permissions, a listing data file, and a logical keePass v1.22 user (also known as the victim), Kunz Mejri published. When exploited, the hole presents the attacker the power to steal plain password lists, amongst other attacks, Kunz Mejri warned.
The hole is ranked “medium” – an expression of the motive for aggressors to find local entree to a vulnerable system, and fool users into accepting certain activities to import malevolent content without acknowledging that it’s malicious. Users are suggested to update Keepass as soon as an update is out.