3 matches found
CVE-2020-12477
The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function...
CVE-2020-12477
The vulnerability CVE-2020-12477 affects TeamPass 2.1.27.36: the REST API allows any user with a valid API token to bypass IP address whitelisting by manipulating the X-Forwarded-For header when calling the getIp function. Multiple connected sources (Red Hat, Veracode, OSV, CNVD/CNVD-2020-27440, ...
TeamPass <= 2.1.27.36 Multiple XSS Vulnerabilities
TeamPass is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...