Vulnerabilities > Teampass > Teampass > 2.1.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-03 | CVE-2023-3083 | Cross-site Scripting vulnerability in Teampass Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | 8.7 |
2023-05-31 | CVE-2023-3009 | Cross-site Scripting vulnerability in Teampass Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | 5.4 |
2023-05-24 | CVE-2023-2859 | Code Injection vulnerability in Teampass Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9. | 8.8 |
2023-05-09 | CVE-2023-2591 | Cross-site Scripting vulnerability in Teampass Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7. | 5.4 |
2023-05-05 | CVE-2023-2516 | Cross-site Scripting vulnerability in Teampass Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7. | 5.4 |
2023-04-13 | CVE-2023-2021 | Cross-site Scripting vulnerability in Teampass Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3. | 5.4 |
2023-03-21 | CVE-2023-1545 | SQL Injection vulnerability in Teampass SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23. | 7.5 |
2023-03-17 | CVE-2023-1463 | Authorization Bypass Through User-Controlled Key vulnerability in Teampass Authorization Bypass Through User-Controlled Key in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23. | 5.4 |
2023-02-27 | CVE-2023-1070 | External Control of File Name or Path vulnerability in Teampass External Control of File Name or Path in GitHub repository nilsteampassnet/teampass prior to 3.0.0.22. | 7.1 |
2020-05-04 | CVE-2020-11671 | Improper Privilege Management vulnerability in Teampass Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. | 5.8 |