Lucene search
China National Vulnerability DatabaseCNVD-2022-19842HistoryNov 24, 2021 - 12:00 a.m.
Snipe-IT Cross-Site Scripting Vulnerability (CNVD-2022-19842)
2021-11-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
snipe-it
cross-site scripting
vulnerability
web generation page
input data
client-side code execution
attacker
open source
it asset management system
license management system
EPSS
0.001
Percentile
21.4%
Snipe-IT is an open source IT asset/license management system. Snipe-IT has a cross-site scripting vulnerability that stems from the product’s web generation page not validating the input data, which could be exploited by an attacker to cause client-side code execution.
Related
nvd
nvd
CVE-2021-3961
2021-11-19 12:15:09
osv
osv
CVE-2021-3961
2021-11-19 12:15:00
Cross-site Scripting in snipe/snipe-it
2021-11-23 18:17:33
github
github
Cross-site Scripting in snipe/snipe-it
2021-11-23 18:17:33
cve
cve
CVE-2021-3961
2021-11-19 12:15:09
huntr
huntr
Cross-site Scripting (XSS) - Stored in snipe/snipe-it
2021-11-11 08:08:14
cvelist
cvelist
CVE-2021-3961 Cross-site Scripting (XSS) - Stored in snipe/snipe-it
2021-11-19 11:55:10
prion
prion
Cross site scripting
2021-11-19 12:15:00
veracode
veracode
Cross-site Scripting (XSS)
2021-11-22 12:58:26