Logmein: >> Lastpass >> 3.1.90 Security Vulnerabilities
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking.
CVSS Score
8.2
EPSS Score
0.002
Published
2019-09-16
LogMeIn LastPass through 4.15.0 allows remote attackers to cause a denial of service (browser hang) via an HTML document because the resource consumption of onloadwff.js grows with the number of INPUT elements.
CVSS Score
7.5
EPSS Score
0.009
Published
2018-04-18