CVE-2019-12950

CVE-2019-12950

EPSS 0.8%

An issue was discovered in TeamPass 2.1.27.35. From the sources/items.queries.php "Import items" feature, it is possible to load a crafted CSV file with an XSS payload.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/nilsteampassnet/TeamPass/issues/2638 https://github.com/nilsteampassnet/TeamPass/releases