Vulnerabilities > Snipeitapp > Snipe IT > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-18 | CVE-2021-4130 | Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | 6.8 |
| 2021-12-14 | CVE-2021-4108 | Cross-site Scripting vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 4.3 |
| 2021-12-10 | CVE-2021-4089 | Missing Authorization vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Improper Access Control | 4.0 |
| 2021-12-06 | CVE-2021-4075 | Server-Side Request Forgery (SSRF) vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Server-Side Request Forgery (SSRF) | 6.5 |
| 2021-11-13 | CVE-2021-3931 | Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
| 2021-10-19 | CVE-2021-3858 | Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | 6.8 |
| 2021-10-19 | CVE-2021-3863 | Cross-site Scripting vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 4.3 |
| 2019-03-27 | CVE-2019-10118 | Cross-site Scripting vulnerability in Snipeitapp Snipe-It Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and the user's last name in the API. | 4.3 |