CVE-2019-10884

Name of the Vulnerable Software and Affected Versions Uniqkey Password Manager version 1.14

Description The issue arises from the software's inability to distinguish between domains and sub-domains. As a result, passwords saved for a particular domain may be suggested for its sub-domains, potentially leading to successful phishing campaigns and creating a false sense of security.

Recommendations For Uniqkey Password Manager version 1.14, consider avoiding the use of the password auto-fill feature for sub-domains until a patch is available. As a temporary workaround, manually verify the domain before entering login credentials to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.