Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1wcmo1LTJnMnAteDJtd84AAzLd
teampass vulnerable to code injection
In nilsteampassnet/teampass prior to 3.0.7, if two users share access to the same folder, a malicious user can create an item whose label field is vulnerable to HTML injection. When other users view that item, the injected markup may redirect them to the attacker's website or capture their data through an injected form. The issue is fixed in version 3.0.7.
Permalink: https://github.com/advisories/GHSA-prj5-2g2p-x2mw
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1wcmo1LTJnMnAteDJtd84AAzLd
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 1 year ago
Updated: about 1 year ago
CVSS Score: 7.1
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
EPSS Percentage: 0.00059
EPSS Percentile: 0.26522
Identifiers: GHSA-prj5-2g2p-x2mw, CVE-2023-2591
References:
- https://nvd.nist.gov/vuln/detail/CVE-2023-2591
- https://github.com/nilsteampassnet/teampass/commit/57a977c6323656e5dc06ab5c227e75c3465a1a4a
- https://huntr.dev/bounties/705f79f4-f5e3-41d7-82a5-f00441cd984b
- https://github.com/advisories/GHSA-prj5-2g2p-x2mw
Blast Radius: 4.3
Affected Packages
packagist:nilsteampassnet/teampass
Dependent packages: 0
Dependent repositories: 4
Downloads: 26 total
Affected Version Ranges: < 3.0.7
Fixed in: 3.0.7
All affected versions: 2.1.21, 2.1.26, 2.1.27, 3.0.0
All unaffected versions: 3.0.10, 3.1.0, 3.1.1