CVE-2019-12880

medium

Description

BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking vulnerability caused by allowing * within web_accessible_resources. An attacker can take advantage of this vulnerability and cause significant harm.

References

https://chrome.google.com/webstore/detail/quarking-password-manager/gfkmpfajamepgekgohcdnjogmeamcdmm?hl=en

http://seclists.org/fulldisclosure/2019/Jun/31

http://packetstormsecurity.com/files/153405/Quarking-Password-Manager-3.1.84-Clickjacking.html

Details

Source: Mitre, NVD

Published: 2019-06-24

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00247