CVE-2019-12950

CVE-2019-12950

EPSS 0.8%

An issue was discovered in TeamPass 2.1.27.35. From the sources/items.queries.php "Import items" feature, it is possible to load a crafted CSV file with an XSS payload.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/nilsteampassnet/TeamPass/issues/2638 https://github.com/nilsteampassnet/TeamPass/releases