Teampass: >> Teampass >> 2.1.27.33 Security Vulnerabilities
Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.
CVSS Score
6.3
EPSS Score
0.0
Published
2023-03-17
External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-02-27
Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default.
CVSS Score
8.1
EPSS Score
0.003
Published
2020-05-04
Page 3