CVE-2026-3107
CVE-2026-3107 concerns a Stored XSS in Teampass prior to 3.1.5.16, impacting the password import endpoint redacted/index.php?page=items. The issue arises from failure to sanitize/encode user input during import, allowing a JavaScript payload to be persistently stored in the database. When other u...