An issue was discovered in TeamPass 2.1.27.35. From the sources/items.queries.php "Import items" feature, it is possible to load a crafted CSV file with an XSS payload.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-06T16:16:40
Updated: 2024-08-04T23:32:55.581Z
Reserved: 2019-06-24T00:00:00
Link: CVE-2019-12950
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-08-06T17:15:43.837
Modified: 2019-08-14T14:46:04.783
Link: CVE-2019-12950
Redhat
No data.