What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.
CVE-2023-3084
HIGH
CVE-2023-3084: Cross-site Scripting (XSS) - Stored in nilsteampassnet/teampass
CVSS base score
8.1/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Key dates
02Disclosure timeline
June 3, 2023
CVE published
January 8, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-3051 Page Builder by AZEXO <= 1.27.133 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE-2024-8337 SourceCodester Contact Manager with Export to VCF index.html cross site scripting
CVE-2025-30983 WordPress Card flip image slideshow plugin <= 1.5 - Cross Site Scripting (XSS) Vulnerability
CVE-2020-37014 Tryton 5.4 - Persistent Cross-Site Scripting
CVE-2025-49298 WordPress Event post plugin <= 5.10.1 - Cross Site Scripting (XSS) Vulnerability
