An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| vaultwarden(crates.io) | 0 | 1.32.5 | N/A |
CVSS Metrics
