CVE-2026-3106 | Teampass up to 3.1.5.15 Login Form redacted/index.php Username cross site scripting

Inserito da Angelo Barbosa | Mar 31, 2026 | CVE

A vulnerability classified as problematic has been found in Teampass up to 3.1.5.15. The impacted element is an unknown function of the file redacted/index.php of the component Login Form. Performing a manipulation of the argument Username results in cross site scripting.

This vulnerability is cataloged as CVE-2026-3106. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2026-3106 | Teampass up to 3.1.5.15 Login Form redacted/index.php Username cross site scripting

Post correlati

CVE-2024-57637 | openlink virtuoso-opensource 7.2.11 SQL dfe_unit_gb_dependant denial of service (Issue 1192)

CVE-2025-1085 | Animati PACS up to 1.24.12.09.03 /login cross site scripting

CVE-2025-66077 | wpWax Legal Pages Plugin up to 1.4.6 on WordPress authorization

CVE-2024-51534 | Dell PowerProtect DD up to 7.10.1.40/7.13.1.10/8.1.0.10 path traversal (dsa-2025-022)