3 matches found
PT-2023-17414 · Teampass · Teampass
Name of the Vulnerable Software and Affected Versions: teampass versions prior to 3.0.3. Description: The issue is a stored Cross-site Scripting (XSS) vulnerability in the GitHub repository nilsteampassnet/teampass. Specifically, the description parameter of a folder is vulnerable. This allows an attacke...
PYSEC-2021-110
In Plone 5.0 through 5.2.4, Editors are vulnerable to XSS in the folder contents view, if a Contributor has created a folder with a SCRIPT tag in the description field...
CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS
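No description provided by source. A malicious user can modify a project folder's description to carry out XSS attacks and HTML injection (adding links, images, buttons, etc.). Because project folders are shared among different users, this vulnerability can be used to capture session cookies. Create a project folder and add the following description (modify the specific path according to the version):...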