Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple vulnerabilities in Teampass
Vulnerability Description
Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 3.1.5.16, within the password manager login functionality in the 'contraseña' parameter of the login form 'redacted/index.php'. During failed authentication attempts, the application does not properly clean or encode the information entered by the user in the username field. As a result, arbitrary JavaScript code is automatically executed in the administrator's browser when viewing failed login entries, resulting in a blind XSS condition.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
TeamPass 跨站脚本漏洞
Vulnerability Description
TeamPass是Nils Laumaillé个人开发者的一款开源的密码管理器。 TeamPass 3.1.5.16之前版本存在跨站脚本漏洞,该漏洞源于登录表单中contraseña参数未正确清理或编码用户输入,可能导致盲跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A