CVE-2017-15278

Name of the Vulnerable Software and Affected Versions TeamPass versions prior to 2.1.27.9

Description A Cross-Site Scripting (XSS) issue was found due to insufficient data filtration in the /sources/folders.queries.php file. This allows an attacker to execute arbitrary HTML and script code in a browser within the context of the vulnerable website.

Recommendations For versions prior to 2.1.27.9, update to version 2.1.27.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the /sources/folders.queries.php file to minimize the risk of exploitation.