|
|
|
|
|
|
by rvz
1795 days ago
|
|
|
Well it still recognises to autofill in the password on a different subdomain as shown in the PoC by default, which is not good at all. To Downvoters: So in the PoC [0] with the default settings the author is completely wrong about their findings? even if you 'manually' autofill in the fields? So you are saying that the password DOESN'T get extracted out of Bitwarden from a different subdomain than where the login data was stored on by default then? [0] https://marektoth.com/blog/password-managers-autofill/ |
|
|
[1]: https://bitwarden.com/help/article/uri-match-detection/#matc...