Veracode Vulnerability Database: VERACODE:40867
History: Jun 12, 2023 - 1:18 p.m.

HTML Injection

2023-06-12 13:18:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
Tags: html injection, teampass, password manager, user input, sanitisation, folder renaming

CVSS3: 8.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS: 0.002 Low
Percentile: 61.1%

Teampass password manager is vulnerable to HTML injection. The vulnerability is due to a lack of user input sanitisation when renaming a folder with a user-supplied folder name, which results in malicious HTML running when the same folder is accessed by other users, including the admin.
