5 matches found
CVE-2021-4018
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-4018
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-4018
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-4018 Cross-site Scripting (XSS) - Stored in snipe/snipe-it
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'...
CVE-2021-4018
CVE-2021-4018 is a stored Cross-site Scripting (XSS) vulnerability affecting snipe-it. Public sources describe an XSS flaw in the web page generation path, with the vulnerability located in checkout/notes handling (notably via AccessoriesTransformer.php/transformCheckedoutAccessory) that allows i...