CVE-2019-16904
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-16904
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16904.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2019-16904
- Aliases
- Published
- 2019-09-26T12:15:11.533Z
- Modified
- 2025-11-14T09:22:39.292810Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for an item in a common available folder or sharing the item with an admin. (The crafted password is exploitable when viewing the change history of the item or tapping on the item.)
- References
Affected packages
Git / github.com/nilsteampassnet/teampass
Affected ranges
- Type
- GIT
- Repo
- https://github.com/nilsteampassnet/teampass
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
2.*
2.1
2.1.20
2.1.23.1
2.1.23.2
2.1.23.3
2.1.23.4
2.1.24.0
2.1.24.1
2.1.24.2
2.1.24.3
2.1.24.4
2.1.25.0
2.1.25.1
2.1.25.2
2.1.26
2.1.26-RC1
2.1.26-final
2.1.26-final-2
2.1.26-final-3
2.1.26.0
2.1.26.1
2.1.26.10
2.1.26.11
2.1.26.12
2.1.26.13
2.1.26.14
2.1.26.15
2.1.26.16
2.1.26.17
2.1.26.18
2.1.26.19
2.1.26.2
2.1.26.20
2.1.26.3
2.1.26.4
2.1.26.5
2.1.26.6
2.1.26.7
2.1.26.8
2.1.26.9
2.1.26_RC1
2.1.27.0
2.1.27.1
2.1.27.10
2.1.27.11
2.1.27.12
2.1.27.13
2.1.27.14
2.1.27.15
2.1.27.16
2.1.27.17
2.1.27.18
2.1.27.19
2.1.27.2
2.1.27.20
2.1.27.21
2.1.27.22
2.1.27.23
2.1.27.24
2.1.27.25
2.1.27.26
2.1.27.27
2.1.27.28
2.1.27.29
2.1.27.3
2.1.27.30
2.1.27.31
2.1.27.32
2.1.27.33
2.1.27.34
2.1.27.35
2.1.27.36
2.1.27.4
2.1.27.5
2.1.27.6
2.1.27.7
2.1.27.8
2.1.27.9