Lucene search
Veracode Vulnerability DatabaseVERACODE:33147HistoryDec 02, 2021 - 3:39 a.m.
Cross-site Scripting (XSS)
2021-12-0203:39:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
cross-site scripting
snipe-it
accessoriestransformer.
EPSS
0.001
Percentile
21.4%
snipe/snipe-it is vulnerable to cross-site scripting. An attacker can inject and execute malicious javascript through the transformCheckedoutAccessory function in AccessoriesTransformer.php as it does not properly escape the user inputs checkout notes.
Related
huntr
huntr
Cross-site Scripting (XSS) - Stored in snipe/snipe-it
2021-11-21 06:42:42
osv
osv
snipe-it is vulnerable to Cross-site Scripting
2021-12-03 20:40:50
CVE-2021-4018
2021-12-01 10:15:07
github
github
snipe-it is vulnerable to Cross-site Scripting
2021-12-03 20:40:50
cve
cve
CVE-2021-4018
2021-12-01 10:15:07
prion
prion
Cross site scripting
2021-12-01 10:15:00
cvelist
cvelist
CVE-2021-4018 Cross-site Scripting (XSS) - Stored in snipe/snipe-it
2021-12-01 10:00:11
nvd
nvd
CVE-2021-4018
2021-12-01 10:15:07