Stored XSS on user's name in nilsteampassnet/teampass
Valid
Reported on Jun 2nd 2023
Description
Paste the XSS payload into the Name or Last name field. The XSS vulnerability will trigger.
Proof of Concept
https://drive.google.com/file/d/1hoZkCxzTQbcIDy28hKJyjyrOD1Pcaaz0/view?usp=sharing
Impact
This can potentially lead to a range of serious consequences, such as theft of sensitive data, unauthorized access to systems, and the ability to carry out further attacks.
Occurrences
4 months ago
Tran Van Nhan modified the report
4 months ago
The fix bounty has been dropped
This vulnerability has been assigned a CVE
users.queries.php#L128-L1729 has been validated
Thank you