icon

We found results for “

CVE-2021-3858

Severity Score

Weakness Type (CWE)

Cross-Site Request Forgery (CSRF)

CWE-352

Top Fix

icon

Upgrade Version

Upgrade to version snipe/snipe-it - dev-dependabot/github_actions/actions/checkout-4;snipe/snipe-it - dev-edit_eol_from_bulk;snipe/snipe-it - dev-fixes/no-NO-language;snipe/snipe-it - dev-fixes/fix_crash_on_purged_models_in_activity_report;snipe/snipe-it - dev-better_handle_inline_files;snipe/snipe-it - dev-feature/google_login_more_prominent;snipe/snipe-it - dev-dependabot/github_actions/codacy/codacy-analysis-cli-action-4.2.0;snipe/snipe-it - dev-fix_for_qr_on_old_label_engine;snipe/snipe-it - dev-features/blade_component_for_submit;snipe/snipe-it - dev-snyk-upgrade-bcc306620433a4ebeaaed8c3e4d4c9eb;snipe/snipe-it - dev-security/snyk_Upgrade-jspdf-autotable-from-3.8.1-to-3.8.2-14365;snipe/snipe-it - dev-snyk-upgrade-23af2ac368155dc386040447ab4dee5e;snipe/snipe-it - dev-snyk-upgrade-48895ab5d277cdb4eb4964f8cdb50fa9;snipe/snipe-it - v5.3.0;snipe/snipe-it - dev-fixes/handle_arrays_on_validation_failure;snipe/snipe-it - dev-features/add_accept_pdf_to_asset_endpoint;snipe/snipe-it - dev-dependabot/github_actions/develop/docker/build-push-action-6;snipe/snipe-it - dev-snyk-upgrade-d1d4efb81b36300732134b2424e46428;snipe/snipe-it - v6.0.0-RC-1;snipe/snipe-it - dev-bug/check_for_valid_category_on_print;snipe/snipe-it - dev-snyk-fix-109de929f33df8035195d2e8d005af8b;snipe/snipe-it - dev-fixes/added_2fa_string;snipe/snipe-it - dev-dependabot/github_actions/docker/build-push-action-5;snipe/snipe-it - dev-snyk-upgrade-c984383061fd11ea3aa23a32407aa002;snipe/snipe-it - dev-features/google_socialite;snipe/snipe-it - dev-dependabot/github_actions/actions/checkout-3;snipe/snipe-it - dev-dependabot/github_actions/actions/checkout-3.1.0;snipe/snipe-it - dev-fixes/make_boolean_user_fields_more_consistant;snipe/snipe-it - dev-fixes/apply_v6_currency_formatter;snipe/snipe-it - dev-improve_safety_csv_charset_detection;snipe/snipe-it - dev-dependabot/github_actions/develop/codacy/codacy-analysis-cli-action-4.4.1;snipe/snipe-it - dev-fixes/fixed_accessory_not_found_string;snipe/snipe-it - dev-dependabot/github_actions/develop/codacy/codacy-analysis-cli-action-4.4.0;sp2gr11/reservation - dev-tristan.bomans

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): MEDIUM
Authentication (AU): NONE
Confidentiality (C): PARTIAL
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us