Lucene search
China National Vulnerability DatabaseCNVD-2023-67077HistoryJul 12, 2023 - 12:00 a.m.
TeamPass cross-site scripting vulnerability (CNVD-2023-67077)
2023-07-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
teampass
open source
password manager
cross-site scripting
vulnerability
user-supplied data
filtering
injection
arbitrary web script
html
0.001 Low
EPSS
Percentile
19.5%
TeamPass is an open source password manager. TeamPass 3.0.10 prior to the version of the cross-site scripting vulnerability , the vulnerability stems from the Default session expiration time function of the user-supplied data lack of effective filtering and escaping , the vulnerability can be exploited by an attacker through the injection of a well-designed payload to execute arbitrary Web script or HTML.
| CPE | Name | Operator | Version |
|---|---|---|---|
| teampass teampass | lt | 3.0.10 |
Related
osv
osv
TeamPass Cross-site Scripting vulnerability
2023-07-10 18:30:49
CVE-2023-3565
2023-07-10 16:15:56
veracode
veracode
Cross-site Scripting (XSS)
2023-07-25 09:18:42
cve
cve
CVE-2023-3565
2023-07-10 16:15:56
github
github
TeamPass Cross-site Scripting vulnerability
2023-07-10 18:30:49
cvelist
cvelist
huntr
huntr
Stored XSS via Default session expiration time
2023-06-10 17:05:24
prion
prion
Cross site scripting
2023-07-10 16:15:00
nvd
nvd
CVE-2023-3565
2023-07-10 16:15:56