CVE-2021-3961

HIGH8.0EPSS 0.33%

Cross-site Scripting in snipe/snipe-it

Published: 11/23/2021Modified: 11/8/2023
Also known as:GHSA-c65v-p733-9796

Description

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected packages (1)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1HIGH8.0CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

References (3)