CVE-2021-4108

Description

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

Affected packages (1)

• Packagist/snipe/snipe-itfrom 0, < 5.3.5

CVSS scores

References (4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-4108
• WEBhttps://github.com/snipe/snipe-it
• WEBhttps://github.com/snipe/snipe-it/commit/9d5d1a9f9aae2c8baee48551185da5de0cdb62c2
• WEBhttps://huntr.dev/bounties/5069a037-040e-4d77-8526-846e65edfaf4