Teampass: >> Teampass >> 2.1.26.10 Security Vulnerabilities
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS Score
6.1
EPSS Score
0.001
Published
2023-06-03
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS Score
8.1
EPSS Score
0.015
Published
2023-05-31
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS Score
7.1
EPSS Score
0.058
Published
2023-05-24
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
CVSS Score
7.1
EPSS Score
0.003
Published
2023-05-09
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
CVSS Score
5.4
EPSS Score
0.007
Published
2023-05-05
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3.
CVSS Score
5.8
EPSS Score
0.001
Published
2023-04-13
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
CVSS Score
7.5
EPSS Score
0.114
Published
2023-03-21
Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
CVSS Score
6.3
EPSS Score
0.0
Published
2023-03-17
External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-02-27
Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default.
CVSS Score
8.1
EPSS Score
0.003
Published
2020-05-04