Medium severity5.4NVD Advisory· Published Oct 12, 2017· Updated Jun 17, 2026
CVE-2017-15278
CVE-2017-15278
Description
Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. The vulnerability exists due to insufficient filtration of data (in /sources/folders.queries.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
nilsteampassnet/teampassPackagist | < 2.1.27.9 | 2.1.27.9 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/nilsteampassnet/TeamPass/commit/f5a765381f051fe624386866ddb1f6b5e7eb929bnvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-28pv-2j2h-fmhcghsaADVISORY
- github.com/nilsteampassnet/TeamPass/blob/master/changelog.mdnvdRelease NotesThird Party AdvisoryWEB
- github.com/nilsteampassnet/TeamPass/releases/tag/2.1.27.9nvdRelease NotesThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2017-15278ghsaADVISORY
News mentions
0No linked articles in our index yet.