CVE-2021-3858

CVE-2021-3858

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

Published Oct 5, 2021

CVSS ScoreHigh

8.8

CVE-2021-3858

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

Published Oct 5, 2021

CVSS ScoreHigh

8.8

CVE ID: CVE-2021-3858
CWE: CWE-352
CVE Description: snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
Published: Oct 5, 2021
CVSS Score & Severity: 8.8High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score: 0.154%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: https://github.com/snipe/snipe-it/pull/10165PROJECT
https://www.huntr.dev/bounties/a2fac2eb-100d-45b1-9ac7-71847c2f2b6b/THIRD_PARTY

CVE ID: CVE-2021-3858
CWE: CWE-352
CVE Description: snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
Published: Oct 5, 2021
CVSS Score & Severity: 8.8High
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score: 0.154%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: https://github.com/snipe/snipe-it/pull/10165PROJECT
https://www.huntr.dev/bounties/a2fac2eb-100d-45b1-9ac7-71847c2f2b6b/THIRD_PARTY

Find vulnerabilities. Fix fast with AI.