6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.6%
An issue was discovered in TeamPass 2.1.27.35. From the sources/items.queries.php “Import items” feature, it is possible to load a crafted CSV file with an XSS payload.
github.com/advisories/GHSA-m3pp-jcpm-2vr9
github.com/nilsteampassnet/TeamPass/issues/2638
github.com/nilsteampassnet/TeamPass/releases
nvd.nist.gov/vuln/detail/CVE-2019-12950