
KeePassRPC Plugin Vulnerability: CVE-2020-16271 Warning message - chinzsteel
https://forum.kee.pm/t/cve-2020-16271-warning-message/3143
======
chinzsteel
When KeePassRPC (version 1.13.0 or higher) detects a previously authorised
client which uses the same encryption key as the one used during a successful
exploit of the first related vulnerability fixed in KeePassRPC 1.12.x, we
display a warning message.

In the current version of KeePassRPC, this reads:

Your KeePass instance may have previously been exploited by a malicious
attacker.

The passwords contained within any databases that were open before this point
may have been exposed so you should change them.

