We've released a couple of patches for the latest release of Team Password Manager:
- 18.104.22.1681: it corrects an XSS vulnerability when entering disallowed characters.
- 22.214.171.1248: it corrects a LDAP sync bug where "Add/update groups and sync members" objects use the same Base DN for members as the one for groups in paged searches.
Please make sure you apply them to your Team Password Manager installation.
Thanks to everyone who contributed.
You have these patches available on the Changelog.