Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-3863 | 1 Snipeitapp | 1 Snipe-it | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2022-0179 | 1 Snipeitapp | 1 Snipe-it | 2024-02-04 | 4.9 MEDIUM | 5.4 MEDIUM |
| snipe-it is vulnerable to Missing Authorization | |||||
| CVE-2021-4075 | 1 Snipeitapp | 1 Snipe-it | 2024-02-04 | 6.5 MEDIUM | 7.2 HIGH |
| snipe-it is vulnerable to Server-Side Request Forgery (SSRF) | |||||
| CVE-2021-4130 | 1 Snipeitapp | 1 Snipe-it | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-3858 | 1 Snipeitapp | 1 Snipe-it | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-3938 | 1 Snipeitapp | 1 Snipe-it | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
| CVE-2019-10118 | 1 Snipeitapp | 1 Snipe-it | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and the user's last name in the API. | |||||