{"id":"CVE-2023-3009","summary":"Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass","details":"Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.","aliases":["GHSA-h5g9-2p35-54c7"],"modified":"2026-04-28T04:06:07.260400Z","published":"2023-05-31T00:00:00Z","database_specific":{"cwe_ids":["CWE-79"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/3xxx/CVE-2023-3009.json","cna_assigner":"@huntrdev"},"references":[{"type":"WEB","url":"https://huntr.dev/bounties/2929faca-5822-4636-8f04-ca5e0001361f"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/3xxx/CVE-2023-3009.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3009"},{"type":"FIX","url":"https://github.com/nilsteampassnet/teampass/commit/6ba8cf1f4b89d62a08d122d533ccf4cb4e26a4ee"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nilsteampassnet/teampass","events":[{"introduced":"0"},{"fixed":"ee4074bc5b0f8c9553bcdf311693405035dcab65"},{"fixed":"6ba8cf1f4b89d62a08d122d533ccf4cb4e26a4ee"}],"database_specific":{"cpe":"cpe:2.3:a:teampass:teampass:*:*:*:*:*:*:*:*","source":["CPE_FIELD","REFERENCES"],"extracted_events":[{"introduced":"0"},{"fixed":"3.0.9"}]}}],"versions":["2.1.20","2.1.25.0","2.1.25.1","2.1.25.2","2.1.26","2.1.26-final","2.1.26-final-2","2.1.26-final-3","2.1.26.0","2.1.26.1","2.1.26.10","2.1.26.11","2.1.26.12","2.1.26.13","2.1.26.14","2.1.26.15","2.1.26.16","2.1.26.17","2.1.26.2","2.1.26.3","2.1.26.4","2.1.26.5","2.1.26.6","2.1.26.7","2.1.26.8","2.1.26.9","2.1.27.0","2.1.27.1","2.1.27.10","2.1.27.11","2.1.27.12","2.1.27.13","2.1.27.14","2.1.27.15","2.1.27.16","2.1.27.2","2.1.27.3","2.1.27.4","2.1.27.5","2.1.27.6","2.1.27.7","2.1.27.8","2.1.27.9","3.0.0.0","3.0.0.10","3.0.0.11","3.0.0.12","3.0.0.13","3.0.0.14","3.0.0.15","3.0.0.16","3.0.0.17","3.0.0.18","3.0.0.19","3.0.0.2","3.0.0.20","3.0.0.21","3.0.0.22","3.0.0.23","3.0.0.3","3.0.0.5","3.0.0.7","3.0.0.8","3.0.0.9","3.0.1","3.0.2","3.0.3","3.0.4","3.0.5","3.0.6","3.0.7","3.0.8"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-3009.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}]}