2 matches found
CVE-2017-15051
Multiple stored cross-site scripting XSS vulnerabilities in TeamPass before 2.1.27.9 allow authenticated remote attackers to inject arbitrary web script or HTML via the 1 URL value of an item or 2 user log history. To exploit the vulnerability, the attacker must be first authenticated to the...
CVE-2017-15051
Summary: CVE-2017-15051 affects TeamPass prior to 2.1.27.9 with multiple stored XSS vulnerabilities. An authenticated attacker can inject script/html via (1) an item URL value or (2) user log history, potentially affecting administrators when they view logs. Root cause: stored XSS in these fields...