invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
References
Link | Resource |
---|---|
https://github.com/invoiceninja/invoiceninja/commit/1186eaa82375692d01d5ef3369c5b7bc7315b55f | Patch Third Party Advisory |
https://huntr.dev/bounties/99c4ed09-b66f-474a-bd74-eeccf9339fde | Exploit Issue Tracking Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntrdev
Published: 2021-12-24T20:10:10
Updated: 2021-12-24T20:10:10
Reserved: 2021-11-18T00:00:00
Link: CVE-2021-3977
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-24T20:15:08.137
Modified: 2021-12-30T19:14:04.140
Link: CVE-2021-3977
JSON object: View
Redhat Information
No data.
CWE