Australian development house Click Studios has warned users of its Passwordstate enterprise password management platform to update immediately if not sooner, following the discovery of an authentication bypass vulnerability that opens the doors to an emergency administration account with nothing more than a "carefully crafted URL."

"We have released [Passwordstate] build 9972," Click Studio's support team posted to the company's announcements board , "which includes two security updates. We recommend customers upgrade as soon as possible."

Those two security updates are detailed in the company's changelog as modifications to prevent clickjacking attacks against the software's browser extension and a "potential authentication bypass" which, at the time of writing, was pending the assignme

See Full Page