Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Snipeitapp Subscribe
Filtered by product Snipe-it
Total 32 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3858 1 Snipeitapp 1 Snipe-it 2023-12-10 6.8 MEDIUM 8.8 HIGH
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3879 1 Snipeitapp 1 Snipe-it 2023-12-10 3.5 LOW 5.4 MEDIUM
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0179 1 Snipeitapp 1 Snipe-it 2023-12-10 4.9 MEDIUM 5.4 MEDIUM
snipe-it is vulnerable to Missing Authorization
CVE-2021-4108 1 Snipeitapp 1 Snipe-it 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4018 1 Snipeitapp 1 Snipe-it 2023-12-10 3.5 LOW 5.4 MEDIUM
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3961 1 Snipeitapp 1 Snipe-it 2023-12-10 3.5 LOW 5.4 MEDIUM
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3863 1 Snipeitapp 1 Snipe-it 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0178 1 Snipeitapp 1 Snipe-it 2023-12-10 5.5 MEDIUM 5.4 MEDIUM
Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8.
CVE-2021-4130 1 Snipeitapp 1 Snipe-it 2023-12-10 6.8 MEDIUM 8.8 HIGH
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3938 1 Snipeitapp 1 Snipe-it 2023-12-10 3.5 LOW 5.4 MEDIUM
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-4075 1 Snipeitapp 1 Snipe-it 2023-12-10 6.5 MEDIUM 7.2 HIGH
snipe-it is vulnerable to Server-Side Request Forgery (SSRF)
CVE-2019-10118 1 Snipeitapp 1 Snipe-it 2023-12-10 4.3 MEDIUM 6.1 MEDIUM
Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and the user's last name in the API.