Hey everyone, I wanted to share with you a vulnerability that I discovered in Teampass, a password management software. I found a stored XSS vulnerability (CVE-2023-2516) that allows attackers to inject malicious code into shared folders, which can potentially lead to serious consequences such as theft of sensitive data or unauthorized access to systems.
- Vulnerability Type: Stored XSS
- CVE: CVE-2023-2516
- Software Version: Teampass 3.0.6
- Author: M Nadeem Qazi
If two users have permission to access a shared folder, an attacker can create a new item in the folder and insert an XSS payload into the item's field. When the item is saved, the payload is successfully implemented within the shared folder. Then, when another user opens the shared folder and clicks on the item, an XSS alert is activated.
I reported this vulnerability to the Teampass development team and it has been fixed in the latest version of the software. However, users should still take precautions to prevent exploitation, such as limiting access to shared folders and being cautious when opening links or files from untrusted sources.
If you're interested in learning more about my findings, check out the report link on huntr.dev.
You can also follow me for updates on my research and other security-related topics:
- Instagram: @mnqazi
- Twitter: @mnqazi
- Facebook: @mnqazi
- LinkedIn: M_Nadeem_Qazi
Stay safe out there!