Teampass: >> Teampass >> 3.0.10 Security Vulnerabilities
TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-12-30
TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-12-30
TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-12-30