CVE-2019-17205
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-17205
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-17205.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-17205
- Aliases
- Published
- 2019-10-05T22:15:11Z
- Modified
- 2024-05-14T06:58:05.115932Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the username field during a login attempt. When an administrator looks at the log of failed logins, the XSS payload will be executed.
- References
Affected packages
Git / github.com/nilsteampassnet/teampass
Affected ranges
- Type
- GIT
- Repo
- https://github.com/nilsteampassnet/teampass
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
2.*
2.1
2.1.20
2.1.23.1
2.1.23.2
2.1.23.3
2.1.23.4
2.1.24.0
2.1.24.1
2.1.24.2
2.1.24.3
2.1.24.4
2.1.25.0
2.1.25.1
2.1.25.2
2.1.26
2.1.26-RC1
2.1.26-final
2.1.26-final-2
2.1.26-final-3
2.1.26.0
2.1.26.1
2.1.26.10
2.1.26.11
2.1.26.12
2.1.26.13
2.1.26.14
2.1.26.15
2.1.26.16
2.1.26.17
2.1.26.18
2.1.26.19
2.1.26.2
2.1.26.20
2.1.26.3
2.1.26.4
2.1.26.5
2.1.26.6
2.1.26.7
2.1.26.8
2.1.26.9
2.1.26_RC1
2.1.27.0
2.1.27.1
2.1.27.10
2.1.27.11
2.1.27.12
2.1.27.13
2.1.27.14
2.1.27.15
2.1.27.16
2.1.27.17
2.1.27.18
2.1.27.19
2.1.27.2
2.1.27.20
2.1.27.21
2.1.27.22
2.1.27.23
2.1.27.24
2.1.27.25
2.1.27.26
2.1.27.27
2.1.27.28
2.1.27.29
2.1.27.3
2.1.27.30
2.1.27.31
2.1.27.32
2.1.27.33
2.1.27.34
2.1.27.35
2.1.27.36
2.1.27.4
2.1.27.5
2.1.27.6
2.1.27.7
2.1.27.8
2.1.27.9