Miggo Logo
Miggo Vulnerability Database
CVE-2023-3552

CVE-2023-3552:
TeamPass vulnerable to Improper Encoding or Escaping of Output

7.6

CVSS Score
3.0

Basic Information

CVE ID
CVE-2023-3552
GHSA ID
GHSA-2cv5-qvq3-6276
EPSS Score
0.46388%
CWE
CWE-116
Published
7/8/2023
Updated
11/10/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
nilsteampassnet/teampasscomposer< 3.0.103.0.10

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The key vulnerability stemmed from the processing order in simplePurifier. The original implementation decoded HTML entities before sanitization with DOMPurify, creating an XSS bypass opportunity. The patch swapped these steps (DOMPurify first, then entity decoding), which is the correct security-critical sequence. The commit message explicitly references fixing XSS in folder pages, and the functions.js modification directly addresses the output encoding flaw described in CWE-116.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T**mP*ss prior to *.*.** is vuln*r**l* to *ross-sit* s*riptin* *ilt*r *yp*ss in *ol**r n*m*s. T*is **n l*** to in*orm*tion *is*losur*.

Reasoning

T** k*y vuln*r**ility st*mm** *rom t** pro**ssin* or**r in simpl*Puri*i*r. T** ori*in*l impl*m*nt*tion ***o*** *TML *ntiti*s ***or* s*nitiz*tion wit* *OMPuri*y, *r**tin* *n XSS *yp*ss opportunity. T** p*t** sw*pp** t**s* st*ps (*OMPuri*y *irst, t**n