← back
CVE-2021-47841

SnipCommand 0.1.0 - Persistent Cross-Site Scripting

CVSS 5.1 MEDIUMEPSS 0.4%CWE-79
SnipCommand 0.1.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into command snippets. Attackers can execute arbitrary code by embedding malicious JavaScript that triggers remote command execution through file or title inputs.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
Affected products
gurayyarar · SnipCommand

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/gurayyarar/SnipCommandhttps://imgur.com/a/I2reH1Mhttps://www.exploit-db.com/exploits/49829https://www.vulncheck.com/advisories/snipcommand-persistent-cross-site-scripting