Teampass: >> Teampass >> 2.1.15 Security Vulnerabilities
TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-12-30
TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-12-30
TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-12-30
Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS Score
5.2
EPSS Score
0.001
Published
2023-07-10
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS Score
7.6
EPSS Score
0.002
Published
2023-07-08
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS Score
5.3
EPSS Score
0.005
Published
2023-07-08
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS Score
9.1
EPSS Score
0.002
Published
2023-07-08
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.10.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-07-06
Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS Score
3.5
EPSS Score
0.001
Published
2023-06-10
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVSS Score
8.1
EPSS Score
0.001
Published
2023-06-10
Page 1