Lucene search
NerrorsecFCF46E1F-2AB6-4057-9D25-CF493AB09530HistoryJun 10, 2023 - 5:05 p.m.
Stored XSS via Default session expiration time
2023-06-1017:05:24
nerrorsec
www.huntr.dev
9
stored xss
default session expiration
teampass
settings
options
xss payload
login page
html/js code
EPSS
0.001
Percentile
32.9%
Description
The Default session expiration time feature when submitted HTML/JS tags executes the code in the login page.
Proof of Concept
Login to Teampass and go to Settings => Options. (http://127.0.0.1/index.php?page=options)
In theDefault session expiration time input field insert an XSS payload "><svg/onload=alert(document.cookie)>. Save the settings.
On a different browser, open the login page. The XSS payload executes.
Related
cve
cve
CVE-2023-3565
2023-07-10 16:15:56
cnvd
cnvd
TeamPass cross-site scripting vulnerability (CNVD-2023-67077)
2023-07-12 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2023-07-25 09:18:42
osv
osv
TeamPass Cross-site Scripting vulnerability
2023-07-10 18:30:49
CVE-2023-3565
2023-07-10 16:15:56
github
github
TeamPass Cross-site Scripting vulnerability
2023-07-10 18:30:49
prion
prion
Cross site scripting
2023-07-10 16:15:00
nvd
nvd
CVE-2023-3565
2023-07-10 16:15:56
cvelist
cvelist