CVE-2020-37178

HIGH WAF: Medium

CVSS 7.5 Published: 2026-02-11

CWE-94

KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash.

WAF Coverage Analysis

Code Injection Medium WAF Coverage

OWASP: A03:2021 Injection

932xxx - Remote Code Execution 933xxx - PHP Injection 934xxx - Node.js / Generic Injection

References

keepass.info
www.exploit-db.com
www.vulncheck.com

Back to CVE Database