Lucene search
+L

4 matches found

huntr
huntr
added 2023/05/26 5:57 a.m.21 views

Stored XSS on item name - Bypass of (CVE-2023-2516)

Description first create two user accounts and grant them permission to access a same folder. In one of the accounts, generate a new item within the folder. Paste the payload XSS into this field, then save the item. Once saved, click on the item to activate an XSS alert. This is the bypass of...

4.9CVSS6.3AI score0.00683EPSS
Exploits2References1
openvas
openvas
added 2023/05/08 12:0 a.m.15 views

TeamPass < 3.0.7 Multiple Vulnerabilities

TeamPass is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:teampass:teampass"; ifdescription...

7.1CVSS5.6AI score0.00612EPSS
Exploits3References3
cvelist
cvelist
added 2023/05/05 12:0 a.m.31 views

CVE-2023-2516 Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass

Cross-site Scripting XSS - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7...

5.4CVSS5.5AI score0.00612EPSS
Exploits1References2
cve
cve
added 2023/05/05 12:0 a.m.163 views

CVE-2023-2516

Summary: CVE-2023-2516 is a stored XSS vulnerability in nilsteampassnet/teampass prior to 3.0.7. When two users have access to the same folder, creating a new item and inserting an XSS payload into the item’s name can trigger the XSS when the item is viewed by another user. This affects Teampass ...

5.4CVSS5.2AI score0.00612EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder