CVE-2023-3083

8.7 HIGH

📋 TL;DR

This stored cross-site scripting (XSS) vulnerability in TeamPass allows attackers to inject malicious scripts that execute when other users view affected pages. It affects all TeamPass installations prior to version 3.0.9. Attackers could steal session cookies, redirect users, or perform actions on their behalf.

💻 Affected Systems

Products:
  • TeamPass
Versions: All versions prior to 3.0.9
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all TeamPass deployments regardless of configuration. The vulnerability is in the core application code.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the TeamPass instance, allowing attackers to steal all stored passwords, modify credentials, and gain persistent access to the system.

🟠 Likely Case

Session hijacking leading to unauthorized access to stored credentials, potential credential theft, and privilege escalation within TeamPass.

🟢 If Mitigated

Limited impact with proper input validation and output encoding, potentially only affecting specific user sessions.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to TeamPass. The vulnerability is well-documented with public proof-of-concept available through the referenced bounty reports.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.0.9

Vendor Advisory: https://github.com/nilsteampassnet/teampass/commit/79731553fa305d45dabb7a227f3074d56d7c94c1

Restart Required: No

Instructions:

1. Back up your TeamPass installation and database.
2. Download TeamPass 3.0.9 or later from the official repository.
3. Replace all files with the new version, preserving your configuration files.
4. Run any database migration scripts if provided.
5. Verify the installation works correctly.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement server-side input validation to sanitize user inputs before processing.

Content Security Policy

all

Implement strict Content Security Policy headers to mitigate XSS impact.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block XSS payloads
  • Restrict user permissions and implement principle of least privilege

🔍 How to Verify

Check if Vulnerable:

Check your TeamPass version. If it's below 3.0.9, you are vulnerable.

Check Version:

Check the version.php file or TeamPass admin interface for version information

Verify Fix Applied:

After updating to 3.0.9 or later, verify the version and test that user inputs are properly sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual script tags or JavaScript in user inputs
  • Multiple failed login attempts followed by successful login from same IP

Network Indicators:

  • Unexpected outbound connections from TeamPass server
  • Suspicious JavaScript payloads in HTTP requests

SIEM Query:

source="teampass_logs" AND ("<script>" OR "javascript:" OR "onerror=" OR "onload=")
