CVE-2023-3190: HTML Injection in Folder Name in teampass

Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

Description

The folder name (Label) is not sanitized on input, and because output encoding is missing, HTML supplied by a user is rendered in the web page during folder deletion.

Proof of Concept

  1. Log in to Teampass as any user.
  2. Go to the Folders tab.
  3. Create a new folder with an HTML tag in the Label. Example: <h1>HTML Injection<h1>
  4. Select the created folder and click on Delete.
  5. The HTML code from the Label is rendered in the web page.

Impact

A user with authorization to create folders can put HTML code in the Label, which adds items to the page when other users delete the folder. This could be used to deceive and phish unsuspecting users.
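The missing output encoding described above, shown as a vulnerable and a hardened rendering of a folder-deletion confirmation, plus a check for stored labels that contain markup. This is an added example, not Teampass code: it is written in JavaScript for illustration, and the function names, the dialog markup and the sample folders are assumptions.

```javascript
// Added example, not Teampass code. All names and the dialog markup are hypothetical.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for insertion into HTML element content or a quoted attribute.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored label is concatenated into markup as-is,
// so any tags in it become part of the page shown to the deleting user.
function renderDeleteConfirmUnsafe(folders) {
  const items = folders.map((f) => `<li>${f.label}</li>`).join('');
  return `<p>Delete the following folders?</p><ul>${items}</ul>`;
}

// Hardened pattern: every label is encoded at the point of output.
function renderDeleteConfirmSafe(folders) {
  const items = folders.map((f) => `<li>${escapeHtml(f.label)}</li>`).join('');
  return `<p>Delete the following folders?</p><ul>${items}</ul>`;
}

// Audit helper: return ids of folders whose stored label contains angle
// brackets or an HTML entity, so labels created before an upgrade can be reviewed.
function findSuspectLabels(folders) {
  return folders.filter((f) => /[<>]|&#?\w+;/.test(f.label)).map((f) => f.id);
}

// Constructed sample data; the second label is the example value from this advisory.
const sampleFolders = [
  { id: 1, label: 'Finance & Payroll' },
  { id: 2, label: '<h1>HTML Injection<h1>' },
  { id: 3, label: 'Servers' },
];

console.log('unsafe:', renderDeleteConfirmUnsafe(sampleFolders));
console.log('safe:  ', renderDeleteConfirmSafe(sampleFolders));
console.log('labels to review:', findSuspectLabels(sampleFolders));
```

Encoding at output keeps a legitimate label such as "Finance & Payroll" displaying correctly, which rejecting special characters on input would not.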

Related news

GHSA-p7xm-g427-jxfc: Teampass Cross-site Scripting vulnerability

In versions of nilsteampassnet/teampass prior to 3.0.9, some user input was not properly sanitized, which may have led to stored cross-site scripting (XSS) vectors in the application.
