CVE-2025-26091

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://brunocaseiro.github.io/CVE-2025-26091/", "name": "https://brunocaseiro.github.io/CVE-2025-26091/", "tags": ["Exploit", "Third Party Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A Cross Site Scripting (XSS) vulnerability exists in TeamPasswordManager v12.162.284 and before that could allow a remote attacker to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'name' parameter when creating a new password in the \"My Passwords\" page."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2025-26091", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2025-03-04T17:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:teampasswordmanager:team_password_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "12.162.284"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-05-21T15:00Z"}