{"id":"CVE-2024-50703","details":"TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.","aliases":["GHSA-9wmc-988h-2mv2"],"modified":"2026-04-10T05:18:13.176539Z","published":"2024-12-30T15:15:10.693Z","references":[{"type":"WEB","url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1"},{"type":"WEB","url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1"},{"type":"FIX","url":"https://github.com/nilsteampassnet/TeamPass/commit/c7f7f809071eaa9e04505ee79cec7049a42959e9"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nilsteampassnet/teampass","events":[{"introduced":"0"},{"fixed":"d259cf4710c2dbfeb5bd5382fb2fc348068c68d5"},{"fixed":"c7f7f809071eaa9e04505ee79cec7049a42959e9"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3.1.3.1"}]}}],"versions":["2.1.20","2.1.25.0","2.1.25.1","2.1.25.2","2.1.26","2.1.26-final","2.1.26-final-2","2.1.26-final-3","2.1.26.0","2.1.26.1","2.1.26.10","2.1.26.11","2.1.26.12","2.1.26.13","2.1.26.14","2.1.26.15","2.1.26.16","2.1.26.17","2.1.26.2","2.1.26.3","2.1.26.4","2.1.26.5","2.1.26.6","2.1.26.7","2.1.26.8","2.1.26.9","2.1.27.0","2.1.27.1","2.1.27.10","2.1.27.11","2.1.27.12","2.1.27.13","2.1.27.14","2.1.27.15","2.1.27.16","2.1.27.2","2.1.27.3","2.1.27.4","2.1.27.5","2.1.27.6","2.1.27.7","2.1.27.8","2.1.27.9","3.0.0.0","3.0.0.10","3.0.0.11","3.0.0.12","3.0.0.13","3.0.0.14","3.0.0.15","3.0.0.16","3.0.0.17","3.0.0.18","3.0.0.19","3.0.0.2","3.0.0.20","3.0.0.21","3.0.0.22","3.0.0.23","3.0.0.3","3.0.0.5","3.0.0.7","3.0.0.8","3.0.0.9","3.0.1","3.0.10","3.0.2","3.0.3","3.0.4","3.0.5","3.0.6","3.0.7","3.0.8","3.0.9","3.1.0","3.1.1","3.1.2","3.1.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50703.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}]}