Security Advisories - nilsteampassnet/teampass

nilsteampassnet/teampass Security Advisories for 2.1.26 (36)

[MEDIUM] TeamPass Cross-site Scripting vulnerability

PKSA-pb9g-rpcq-83fc CVE-2023-3565 GHSA-524r-w8fx-hqg3

Affected version: <3.0.10

Reported by:
GitHub
[HIGH] TeamPass information exposure vulnerability

PKSA-w4w9-g4tx-p5pd CVE-2023-3553 GHSA-2rhg-hqq9-8xjh

Affected version: <3.0.10

Reported by:
GitHub
[HIGH] TeamPass vulnerable to Improper Encoding or Escaping of Output

PKSA-771w-4gkn-c7y4 CVE-2023-3552 GHSA-2cv5-qvq3-6276

Affected version: <3.0.10

Reported by:
GitHub
[CRITICAL] TeamPass Code Injection vulnerability

PKSA-vwpw-dqkm-xzp3 CVE-2023-3551 GHSA-97hm-2mfr-2p97

Affected version: <3.0.10

Reported by:
GitHub
[HIGH] TeamPass Cross-site Scripting vulnerability

PKSA-5qtx-xpyd-1yf5 CVE-2023-3531 GHSA-pwrw-g29q-3mp8

Affected version: <3.0.10

Reported by:
GitHub
[MEDIUM] Teampass Cross-site Scripting vulnerability

PKSA-7mjs-bx53-v3y9 CVE-2023-3191 GHSA-qmw8-x364-xxxm

Affected version: <3.0.9

Reported by:
GitHub
[MEDIUM] Teampass Cross-site Scripting vulnerability

PKSA-r6ns-4jm3-9drv CVE-2023-3190 GHSA-p7xm-g427-jxfc

Affected version: <3.0.9

Reported by:
GitHub
[MEDIUM] TeamPass vulnerable to Improper Access Control

PKSA-kt85-jcm7-fbt9 CVE-2023-3095 GHSA-g3jr-6vj4-3x82

Affected version: <3.0.9

Reported by:
GitHub
[CRITICAL] TeamPass vulnerable to stored Cross-site Scripting

PKSA-7571-wnkg-2d8b CVE-2023-3086 GHSA-j245-v2mh-5h6f

Affected version: <3.0.9

Reported by:
GitHub
[HIGH] TeamPass vulnerable to stored Cross-site Scripting

PKSA-9fw1-zxsm-t81q CVE-2023-3084 GHSA-8vm8-38pc-8xhh

Affected version: <3.0.9

Reported by:
GitHub
[HIGH] TeamPass vulnerable to stored Cross-site Scripting

PKSA-3pmc-58zr-5cdy CVE-2023-3083 GHSA-c6fv-3jm9-6r8f

Affected version: <3.0.9

Reported by:
GitHub
[MEDIUM] nilsteampassnet/teampass vulnerable to cross-site scripting

PKSA-6kdw-k3mb-gbr3 CVE-2023-3009 GHSA-h5g9-2p35-54c7

Affected version: <3.0.9

Reported by:
GitHub
[HIGH] Code injection in nilsteampassnet/teampass

PKSA-7n5c-c189-ctb4 CVE-2023-2859 GHSA-h6jh-cf83-qcq5

Affected version: <3.0.9

Reported by:
GitHub
[HIGH] teampass vulnerable to code injection

PKSA-c3yr-7v4h-w8zv CVE-2023-2591 GHSA-prj5-2g2p-x2mw

Affected version: <3.0.7

Reported by:
GitHub
[MEDIUM] Cross Site Scripting in nilsteampassnet/teampass

PKSA-v1q2-jqzm-qy2x CVE-2023-2516 GHSA-2ffp-w665-9mgx

Affected version: <3.0.7

Reported by:
GitHub
[MEDIUM] nilsteampassnet/teampass vulnerable to stored cross-site scripting (XSS)

PKSA-y8kv-8pf6-vbdt CVE-2023-2021 GHSA-4h2q-84w7-4mhx

Affected version: <3.0.3

Reported by:
GitHub
[HIGH] Teampass SQL Injection vulnerability

PKSA-g6nv-nymt-yp1k CVE-2023-1545 GHSA-ppxm-q2h4-v7mm

Affected version: <3.0.0.22

Reported by:
GitHub
[MEDIUM] Improper Authorization in nilsteampassnet/teampass

PKSA-9q4m-4ysp-517k CVE-2023-1463 GHSA-86jq-pwgx-6vrq

Affected version: <3.0.0.23

Reported by:
GitHub
[HIGH] TeamPass External Control of File Name or Path vulnerability

PKSA-qwf6-z7qw-sq21 CVE-2023-1070 GHSA-x36g-4629-xp9v

Affected version: <3.0.0.23

Reported by:
GitHub
[MEDIUM] TeamPass Cross-site Scripting (XSS) vulnerability

PKSA-94ft-pncz-4xgt CVE-2019-16904 GHSA-rpmr-fwh5-24fm

Affected version: <=2.1.27.36

Reported by:
GitHub
[HIGH] TeamPass PHP arbitrary file include vulnerability

PKSA-j8ct-gbw2-67qj CVE-2020-12479 GHSA-6jf9-8m34-96w5

Affected version: <=2.1.27.36

Reported by:
GitHub
[MEDIUM] TeamPass Stored Cross-site Scripting

PKSA-k7bx-3ngj-vxtr CVE-2019-17205 GHSA-v969-5v7f-pmg2

Affected version: <=2.1.27.36

Reported by:
GitHub
[MEDIUM] TeamPass Stored Cross-site Scripting

PKSA-xx3n-ngdy-n2g5 CVE-2019-17204 GHSA-qx37-225j-qr89

Affected version: <=2.1.27.36

Reported by:
GitHub
[MEDIUM] TeamPass Stored Cross-site Scripting

PKSA-dq18-f2hf-j2d5 CVE-2019-17203 GHSA-pqx8-q35p-pgcv

Affected version: <=2.1.27.36

Reported by:
GitHub
[MEDIUM] TeamPass Cross-site Scripting (XSS)

PKSA-v6h9-zk26-qvvb CVE-2019-12950 GHSA-m3pp-jcpm-2vr9

Affected version: <=2.1.27.35

Reported by:
GitHub
[CRITICAL] TeamPass SQL injection in users.queries.php

PKSA-8zhz-4rvg-9xsw CVE-2017-9436 GHSA-cm26-gp8j-w6xf

Affected version: <2.1.27.5

Reported by:
GitHub
[MEDIUM] TeamPass Cross-Site Scripting (XSS)

PKSA-tmqs-sp77-dd7y CVE-2017-15278 GHSA-28pv-2j2h-fmhc

Affected version: <2.1.27.9

Reported by:
GitHub
[MEDIUM] TeamPass stored cross-site scripting (XSS) vulnerability

PKSA-dw7w-yrc3-cfg2 CVE-2017-15051 GHSA-r68m-4v39-cf43

Affected version: <2.1.27.9

Reported by:
GitHub
[HIGH] TeamPass arbitrary file upload vulnerability

PKSA-m5fb-8y5f-7kfz CVE-2017-15054 GHSA-rm3q-qfrm-frrv

Affected version: <2.1.27.9

Reported by:
GitHub
[MEDIUM] TeamPass Improper Privilege Management

PKSA-5341-fn3x-2gzv CVE-2017-15052 GHSA-5qr3-4839-88gf

Affected version: <2.1.27.9

Reported by:
GitHub
[MEDIUM] TeamPass Improper Privilege Management

PKSA-qrf6-ystk-55hk CVE-2017-15053 GHSA-xvjf-394g-phrr

Affected version: <2.1.27.9

Reported by:
GitHub
[HIGH] TeamPass Improper Privilege Management

PKSA-kkmd-wpkb-c2f1 CVE-2017-15055 GHSA-7ghm-6p42-h226

Affected version: <2.1.27.9

Reported by:
GitHub
[CRITICAL] TeamPass Storing Passwords in a Recoverable Format vulnerability

PKSA-hrns-yqzq-5rfv CVE-2019-1000001 GHSA-q9qr-h33g-fw3j

Affected version: <=2.1.27

Reported by:
GitHub
[MEDIUM] Cross-site Scripting in teampass

PKSA-rwpn-cdxx-qr56 CVE-2022-26980 GHSA-m2wv-m5pf-284r

Affected version: <=2.1.26

Reported by:
GitHub
[HIGH] Missing Authorization in TeamPass

PKSA-7jtv-d8pm-9qzj CVE-2020-11671 GHSA-gmr7-m73x-6c9q

Affected version: <=2.1.27.36

Reported by:
GitHub
[HIGH] Incorrect Authorization in TeamPass

PKSA-nf33-sywv-t2tv CVE-2020-12477 GHSA-fv48-hjhp-94c7

Affected version: <=2.1.27.36

Reported by:
GitHub

nilsteampassnet/teampass Security Advisories for 2.1.26 (36)

[MEDIUM] TeamPass Cross-site Scripting vulnerability

[HIGH] TeamPass information exposure vulnerability

[HIGH] TeamPass vulnerable to Improper Encoding or Escaping of Output

[CRITICAL] TeamPass Code Injection vulnerability

[HIGH] TeamPass Cross-site Scripting vulnerability

[MEDIUM] Teampass Cross-site Scripting vulnerability

[MEDIUM] Teampass Cross-site Scripting vulnerability

[MEDIUM] TeamPass vulnerable to Improper Access Control

[CRITICAL] TeamPass vulnerable to stored Cross-site Scripting

[HIGH] TeamPass vulnerable to stored Cross-site Scripting

[HIGH] TeamPass vulnerable to stored Cross-site Scripting

[MEDIUM] nilsteampassnet/teampass vulnerable to cross-site scripting

[HIGH] Code injection in nilsteampassnet/teampass

[HIGH] teampass vulnerable to code injection

[MEDIUM] Cross Site Scripting in nilsteampassnet/teampass

[MEDIUM] nilsteampassnet/teampass vulnerable to stored cross-site scripting (XSS)

[HIGH] Teampass SQL Injection vulnerability

[MEDIUM] Improper Authorization in nilsteampassnet/teampass

[HIGH] TeamPass External Control of File Name or Path vulnerability

[MEDIUM] TeamPass Cross-site Scripting (XSS) vulnerability

[HIGH] TeamPass PHP arbitrary file include vulnerability

[MEDIUM] TeamPass Stored Cross-site Scripting

[MEDIUM] TeamPass Stored Cross-site Scripting

[MEDIUM] TeamPass Stored Cross-site Scripting

[MEDIUM] TeamPass Cross-site Scripting (XSS)

[CRITICAL] TeamPass SQL injection in users.queries.php

[MEDIUM] TeamPass Cross-Site Scripting (XSS)

[MEDIUM] TeamPass stored cross-site scripting (XSS) vulnerability

[HIGH] TeamPass arbitrary file upload vulnerability

[MEDIUM] TeamPass Improper Privilege Management

[MEDIUM] TeamPass Improper Privilege Management

[HIGH] TeamPass Improper Privilege Management

[CRITICAL] TeamPass Storing Passwords in a Recoverable Format vulnerability

[MEDIUM] Cross-site Scripting in teampass

[HIGH] Missing Authorization in TeamPass

[HIGH] Incorrect Authorization in TeamPass