Lucene search
Veracode Vulnerability DatabaseVERACODE:32978HistoryNov 15, 2021 - 9:02 a.m.
Cross-site Scripting (XSS)
2021-11-1509:02:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
21.6%
snipe/snipe-it is vulnerable to cross-site scripting. The library does not properly escape asset_tag in the bulk checkout, allowing attackers to inject and execute malicious javascript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| snipe/snipe-it | le | v5.3.1 | |
| snipe/snipe-it | le | v5.3.1 |
Related
prion
prion
Cross site scripting
2021-11-13 09:15:00
huntr
huntr
Cross-site Scripting (XSS) - Generic in snipe/snipe-it
2021-11-05 04:49:43
osv
osv
snipe-it is vulnerable to Cross-site Scripting
2021-11-15 23:19:42
CVE-2021-3938
2021-11-13 09:15:07
cnvd
cnvd
Snipe-IT Cross-Site Scripting Vulnerability
2021-11-16 00:00:00
nvd
nvd
CVE-2021-3938
2021-11-13 09:15:07
github
github
snipe-it is vulnerable to Cross-site Scripting
2021-11-15 23:19:42
cve
cve
CVE-2021-3938
2021-11-13 09:15:07
cvelist
cvelist
CVE-2021-3938 Cross-site Scripting (XSS) - Generic in snipe/snipe-it
2021-11-13 08:35:10