GHSA-2cqg-q7jm-j35c

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/11/GHSA-2cqg-q7jm-j35c/GHSA-2cqg-q7jm-j35c.json

Aliases

CVE-2021-3938

Published

2021-11-15T23:19:42Z

Modified

2023-09-15T11:19:05.766524Z

Details

snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

References

Affected packages

Packagist / snipe/snipe-it

Source Details

Package Name: snipe/snipe-it

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

5.4.0

Affected versions

v0.*

v0.1.0

v0.1.1

v0.1.2

v0.2.0

v0.3.0-alpha

v0.3.7-alpha

v0.3.8-alpha

v0.3.9-alpha

v0.3.10-alpha

v0.3.11-alpha

v1.*

v1.0

v1.1

v1.2.0

v1.2.1

v1.2.2

v1.2.3-beta

v1.2.3

v1.2.4-beta

v1.2.4

v1.2.5

v1.2.6-beta

v1.2.6

v1.2.6.1

v1.2.7-beta

v1.2.7

v1.2.8

v1.2.9

v1.2.10

v1.2.11

v2.*

v2.0-beta

v2.0-RC-1

v2.0

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.0.6

v2.1.0

v2.1.1

v2.1.2

v3.*

v3.0-alpha

v3.0-alpha2

v3.0-beta.1

v3.0-beta.2

v3.0-beta.3

v3.0

v3.0.0-beta

v3.1.0

v3.3.0-beta

v3.3.0

v3.4

v3.4.0-alpha

v3.4.0-beta

v3.5.0-beta

v3.5.0-beta2

v3.5.0

v3.5.1

v3.5.2

v3.6.0

v3.6.1

v3.6.2

v3.6.3

v3.6.4

v3.6.5

v3.6.6

3.*

3.2.0

Other

v4-beta3

v4-beta4

v4.*

v4.0-alpha

v4.0-alpha-2

v4.0-beta

v4.0-beta2

v4.0-beta5

v4.0-beta6

v4.0

v4.0.1

v4.0.2

v4.0.3

v4.0.4

v4.0.5

v4.0.6

v4.0.7

v4.0.8

v4.0.9

v4.0.10

v4.0.11

v4.0.12

v4.0.13

v4.0.14

v4.0.15

v4.1.0-beta

v4.1.0-beta2

v4.1.0

v4.1.1

v4.1.2

v4.1.3

v4.1.4

v4.1.5

v4.1.6

v4.1.7

v4.1.8

v4.1.9

v4.1.10

v4.1.11

v4.1.12

v4.1.13

v4.1.14

v4.2.0

v4.3.0

v4.4.0

v4.4.1

v4.5.0

v4.6.0

v4.6.1

v4.6.2

v4.6.3

v4.6.4

v4.6.5

v4.6.6

v4.6.7

v4.6.8

v4.6.9

v4.6.10

v4.6.11

v4.6.12

v4.6.13

v4.6.14

v4.6.15

v4.6.16

v4.6.17

v4.6.18

v4.7.0

v4.7.1

v4.7.2

v4.7.3

v4.7.4

v4.7.5

v4.7.6

v4.7.7

v4.7.8

v4.8.0

v4.9.0

v4.9.1

v4.9.2

v4.9.3

v4.9.4

v4.9.5

v5.*

v5.0.0-beta-1.0

v5.0.0-beta-1.1

v5.0.0-beta-2

v5.0.0-beta-3.0

v5.0.0-beta-4

v5.0.0-beta-5

v5.0.0

v5.0.1

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.0.6

v5.0.7

v5.0.8

v5.0.9

v5.0.10

v5.0.11

v5.0.12

v5.1.0

v5.1.1

v5.1.2

v5.1.3

v5.1.4

v5.1.5

v5.1.6

v5.1.7

v5.1.8

v5.2.0

v5.3.0

v5.3.1

v5.3.2

v5.3.3

v5.3.4

v5.3.5

v5.3.6

v5.3.7

v5.3.8

v5.3.9

v5.3.10

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}

Database specific

{
    "last_known_affected_version_range": "<= 5.3.1"
}