CVE-2023-2021

描述

nilsteampassnet/teampass prior to 3.0.3 is vulnerable to stored cross-site scripting (XSS) in the description parameter of a folder.

受影響套件(1)

• Packagist/nilsteampassnet/teampassfrom 0, < 3.0.3

CVSS 分數

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-2021
• PATCHhttps://github.com/nilsteampassnet/TeamPass
• WEBhttps://github.com/nilsteampassnet/teampass/commit/77c541a0151841d1f4ceb0a84ca391e1b526d58d
• WEBhttps://huntr.dev/bounties/2e31082d-7aeb-46ff-84d6-9561758e3bf0