CVEブラウザに戻る

CVE-2015-7563

HIGH

8.8

CVSS Severity Score

EPSS Score0.0900%

EPSS Percentile32.47th

Published2017年4月12日

Last Modified2026年5月13日

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and earlier allows remote attackers to hijack the authentication of an authenticated user.

Affected Platforms (CPE)

📦

Teampass

Teampass

<= 2.1.24.0

References & Advisories

🔗 https://github.com/nilsteampassnet/TeamPass/pull/1140

🔗 https://www.exploit-db.com/exploits/39559/

🔗 https://github.com/nilsteampassnet/TeamPass/pull/1140

🔗 https://www.exploit-db.com/exploits/39559/

関連する脆弱性情報

CVE-2019-10000019.8

TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults t...

CVE-2015-75649.8

Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier allow remote attackers to execute arbitrary SQL commands via...

CVE-2017-94369.8

TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.queries.php.

CVE-2020-124798.8

TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request w...