snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
References
Link | Resource |
---|---|
https://github.com/snipe/snipe-it/commit/bda23bb1e66fd7ce42c75c69cf5eea4e80865c1c | Patch Third Party Advisory |
https://huntr.dev/bounties/6dccc49e-3843-4a4a-b397-5c659e5f8bfe | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntrdev
Published: 2021-10-19T12:30:35
Updated: 2021-10-19T12:30:35
Reserved: 2021-10-12T00:00:00
Link: CVE-2021-3879
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-19T13:15:11.870
Modified: 2021-10-21T23:57:43.137
Link: CVE-2021-3879
JSON object: View
Redhat Information
No data.
CWE