Vulnerabilities > Snipeitapp > Snipe IT > 2.0.0

DATE CVE VULNERABILITY TITLE RISK
2021-12-01 CVE-2021-4018 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
snipeitapp CWE-79
5.4
5.4
2021-11-19 CVE-2021-3961 Unspecified vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
snipeitapp
5.4
5.4
2021-11-13 CVE-2021-3931 Unspecified vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
network
low complexity
snipeitapp
4.3
4.3
2021-11-13 CVE-2021-3938 Unspecified vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
snipeitapp
5.4
5.4
2021-10-19 CVE-2021-3858 Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
network
low complexity
snipeitapp CWE-352
8.8
8.8
2021-10-19 CVE-2021-3863 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
snipeitapp CWE-79
6.1
6.1
2021-10-19 CVE-2021-3879 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
snipeitapp CWE-79
5.4
5.4
2019-03-27 CVE-2019-10118 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and the user's last name in the API.
network
low complexity
snipeitapp CWE-79
6.1
6.1