{"id":"CVE-2018-19301","details":"tp4a TELEPORT 3.1.0 allows XSS via the login page because a crafted username is mishandled when an administrator later views the system log.","modified":"2026-07-08T19:44:53.887804Z","published":"2018-11-15T23:29:00.180Z","references":[{"type":"EVIDENCE","url":"https://github.com/S-LBK/teleport/blob/master/Attack%20step.docx"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tp4a/teleport","events":[{"introduced":"051b1fee287efcc56fa2adc83ba1ffc5537c2ec5"},{"last_affected":"051b1fee287efcc56fa2adc83ba1ffc5537c2ec5"}],"database_specific":{"cpe":"cpe:2.3:a:tp4a:teleport:3.1.0:*:*:*:*:*:*:*","source":"CPE_STRING","extracted_events":[{"introduced":"3.1.0"},{"last_affected":"3.1.0"}]}}],"versions":["3.1.0","v3.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19301.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}