{"id":"GHSA-524r-w8fx-hqg3","summary":"TeamPass Cross-site Scripting vulnerability","details":"Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10.","aliases":["CVE-2023-3565"],"modified":"2024-02-16T08:19:26.215198Z","published":"2023-07-10T18:30:49Z","database_specific":{"nvd_published_at":"2023-07-10T16:15:56Z","github_reviewed_at":"2023-07-10T21:52:43Z","cwe_ids":["CWE-79"],"severity":"MODERATE","github_reviewed":true},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3565"},{"type":"WEB","url":"https://github.com/nilsteampassnet/teampass/commit/820bb49a362a566c9038e4a3048b26d654babb0e"},{"type":"PACKAGE","url":"https://github.com/nilsteampassnet/teampass"},{"type":"WEB","url":"https://huntr.dev/bounties/fcf46e1f-2ab6-4057-9d25-cf493ab09530"}],"affected":[{"package":{"name":"nilsteampassnet/teampass","ecosystem":"Packagist","purl":"pkg:composer/nilsteampassnet/teampass"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.10"}]}],"versions":["2.1.21","2.1.26","2.1.27","3.0.0","3.0.0.10","3.0.0.11"],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-524r-w8fx-hqg3/GHSA-524r-w8fx-hqg3.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}]}