CVE-2021-3961
8
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| snipe | snipe/snipe-it | unspecified < 5.3.2 | affected |
Weaknesses
- CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADP Enrichment
CVE Program Container
Additional References
- https://huntr.dev/bounties/5987aed5-6613-4937-8a3e-d48009b7da10
- https://github.com/snipe/snipe-it/commit/7ce5993f5ae9d713a0955c2fd8e2dff7a7ce886e
References
- https://huntr.dev/bounties/5987aed5-6613-4937-8a3e-d48009b7da10
- https://github.com/snipe/snipe-it/commit/7ce5993f5ae9d713a0955c2fd8e2dff7a7ce886e
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.