← Back

CVE-2024-50703

nvd nist
Published: Dec 30, 2024Modified: Sep 29, 2025

JSON object

Loading...
8.1
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Exploitability: 2.8 / Impact: 5.2
Source: NVD

Description

TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.

Affected (1)

Products: Teampass: Teampass
Teampass
1 product
Teampass
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Teampass
Before 3.1.3.1

Related CWEs

CWE-472
External Control of Assumed-Immutable Web Parameter
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.

References (3)

Source: cve@mitre.org
Patch
Source: cve@mitre.org
Product
Source: cve@mitre.org
Product

Timeline

No history available yet.