CVE-2019-10118
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2019-10118
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-10118.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2019-10118
- Aliases
- Withdrawn
- 2024-05-15T05:33:10.780472Z
- Published
- 2019-03-27T04:29:01Z
- Modified
- 2023-11-29T06:51:51.753428Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and the user's last name in the API.
- References
Affected packages
Git / github.com/snipe/snipe-it
Affected ranges
- Type
- GIT
- Repo
- https://github.com/snipe/snipe-it
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
3.*
3.2.0
v3.*
v3.0
v3.0-alpha
v3.0-alpha2
v3.0-beta.1
v3.0-beta.2
v3.0-beta.3
v3.0.0-beta
v3.1.0
v3.3.0
v3.3.0-beta
v3.4
v3.4.0-alpha
v3.4.0-beta
v3.5.0
v3.5.0-beta
v3.5.0-beta2
v3.5.1
v3.5.2
v3.6.0
v3.6.0-pre
v3.6.1
v3.6.1-pre
v3.6.2
v3.6.3
v3.6.4
v3.6.5
v3.6.6
Other
v4-beta3
v4-beta4
v4.*
v4.0
v4.0-alpha
v4.0-alpha-2
v4.0-beta
v4.0-beta2
v4.0-beta5
v4.0-beta6
v4.0.1
v4.0.10
v4.0.11
v4.0.12
v4.0.13
v4.0.14
v4.0.15
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v4.1.0
v4.1.0-beta
v4.1.0-beta2
v4.1.1
v4.1.10
v4.1.11
v4.1.12
v4.1.13
v4.1.14
v4.1.2
v4.1.3
v4.1.4
v4.1.5
v4.1.6
v4.1.7
v4.1.8
v4.1.9
v4.2.0
v4.3.0
v4.4.0
v4.4.1
v4.5.0
v4.6.0
v4.6.1
v4.6.10
v4.6.11
v4.6.12
v4.6.13
v4.6.2
v4.6.3
v4.6.4
v4.6.5
v4.6.6
v4.6.7
v4.6.8
v4.6.9