Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stored XSS in KBs field #2689

Closed
lebik opened this issue Sep 30, 2019 · 0 comments
Closed

Stored XSS in KBs field #2689

lebik opened this issue Sep 30, 2019 · 0 comments

Comments

@lebik
Copy link

lebik commented Sep 30, 2019

Steps to reproduce

  1. Open Knowledge Base, tap on Add a new KB
  2. Set XSS payload as label name:
<img src=x onerror=alert(1)>
  1. Add any available item which you want to "infect"
  2. That's all.
    Anyone who click at the item will trigger XSS payload

teampass_stored_xss_3

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants