PT-2019-14999 · Teampass · Teampass

Lebiko

Published

2019-10-05

Updated

2022-05-24

CVE-2019-17204

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions TeamPass version 2.1.27.36

Description The issue allows for Stored XSS by setting a crafted Knowledge Base label and adding any available item.

Recommendations For TeamPass version 2.1.27.36, update to a version that fixes this issue, as no specific workaround is provided for this version.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2019-17204

GHSA-QX37-225J-QR89

Affected Products

Teampass

PT-2019-14999 · Teampass · Teampass

CVE-2019-17204

Weakness Enumeration

Related Identifiers

Affected Products

References · 5