repository icon
nilsteampassnet / teampass Project repository

Collaborative Passwords Manager

Submit a report

FIRST INTERACTION

WITHINN/A DAYS

REVIEW

WITHIN24 DAYS

FIX

WITHIN21 DAYS

Stored XSS at Search page
tvnnn
High
CVE-2023-3531
Improper handling of input value leads to Remote Code Execution or Denial of Ser...
hiu240900
Critical
CVE-2023-3551
XSS Filter Bypass in Folder Name leading to Information Disclosure
jayesther
High
CVE-2023-3552
Directory listing in multiple endpoints
nerrorsec
Medium
CVE-2023-3553
Stored XSS via Default session expiration time
nerrorsec
Medium
CVE-2023-3565
Stored XSS via Custom Login Message
nerrorsec
informative
Medium
Stored-Cross Site Scripting (XSS) in Duo Security Configuration
sahiloj
not applicable
Cross Site Scripting (XSS) in Adding New API Key Feature
sahiloj
pending
Stored-Cross Site Scripting (XSS) in Add New Role Feature
sahiloj
pending
HTML Injection in Folder Name
nerrorsec
Low
CVE-2023-3190
Stored XSS in many configuration fields
tvnnn
High
CVE-2023-3191
Stored XSS on user's name
tvnnn
Medium
CVE-2023-3083
Browser back attack vulnerability in nilsteampassnet / teampass
newb3ast
pending
Stored XSS on item name - Bypass of (CVE-2023-2516)
mnqazi
High
CVE-2023-3009
Stored XSS on FolderName Affecting other users and admin.
srivallikusumba
High
CVE-2023-3084
Stored XSS on items in Folder in nilsteampassnet/teampass lead to ATO
tadjmen
Critical
CVE-2023-3086
Stored HTML injection in folderName affecting Admin
mnqazi
High
CVE-2023-2859
Stored HTML Injection in Item Label
mnqazi
High
CVE-2023-2591
Stored XSS on items in Folder
mnqazi
Medium
CVE-2023-2516
Broken Access Control On Item via ID
tht1997
Medium
CVE-2023-3095
Stored XSS on function item with folder
tht1997
Medium
CVE-2023-2021
IDOR Vulnerability Allow Low-Level User Logout Everyone Includes Admin
choocs
Medium
CVE-2023-1463
Arbitrary txt files deletion (authenticated)
zonia3000
High
CVE-2023-1070
SQL injection in API authorization check
zonia3000
High
CVE-2023-1545