Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
对假设不可变Web参数的外部可控制
Vulnerability Title
TeamPass 安全漏洞
Vulnerability Description
TeamPass是Nils Laumaillé个人开发者的一款开源的密码管理器。 TeamPass 3.1.3.1之前版本存在安全漏洞,该漏洞源于无法正确阻止用户使用不同user_id的权限行事。
CVSS Information
N/A
Vulnerability Type
N/A