Teampass 2.1.26 allows reflected XSS via the index.php PATH_INFO.
References
Link | Resource |
---|---|
https://gist.github.com/RNPG/6919286e0daebce7634d0a744e060dca | Exploit Third Party Advisory |
https://github.com/nilsteampassnet/TeamPass/commits/teampass_2 | Patch Third Party Advisory |
Configurations
Information
Published : 2022-03-28 12:15
Updated : 2022-04-04 10:15
NVD link : CVE-2022-26980
Mitre link : CVE-2022-26980
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
teampass
- teampass