Lucene search
Veracode Vulnerability DatabaseVERACODE:36846HistoryAug 30, 2022 - 6:56 a.m.
Cross-Site Scripting (XSS)
2022-08-3006:56:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
21.5%
snipe/snipe-it is vulnerable to cross-site scripting. The vulnerability exists in views/dashboard.blade.php and login.blade.php because the user inputs are not properly escaped which allows a remote attacker to inject and execute malicious code into the system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| snipe/snipe-it | le | v6.0.10 | |
| snipe/snipe-it | le | v6.0.10 |
Related
osv
osv
snipe-it vulnerable to cross-site scripting (XSS)
2022-08-30 00:00:29
CVE-2022-3035
2022-08-29 20:15:09
github
github
snipe-it vulnerable to cross-site scripting (XSS)
2022-08-30 00:00:29
huntr
huntr
Stored Cross-Site Scripting (XSS)
2022-08-28 16:44:56
prion
prion
Cross site scripting
2022-08-29 20:15:00
nvd
nvd
CVE-2022-3035
2022-08-29 20:15:09
cve
cve
CVE-2022-3035
2022-08-29 20:15:09
cvelist
cvelist
CVE-2022-3035 Cross-site Scripting (XSS) - Stored in snipe/snipe-it
2022-08-29 19:35:09