exploitDog

GHSA-m4cm-4fqh-fvr3

Опубликовано: 16 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 6.1

Описание

SnipCommand 0.1.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into command snippets. Attackers can execute arbitrary code by embedding malicious JavaScript that triggers remote command execution through file or title inputs.

SnipCommand 0.1.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into command snippets. Attackers can execute arbitrary code by embedding malicious JavaScript that triggers remote command execution through file or title inputs.

Ссылки

EPSS

Процентиль: 15%

0.0005

Низкий

5.1 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-47841

CVSS3: 6.1

nvd

22 дня назад

SnipCommand 0.1.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into command snippets. Attackers can execute arbitrary code by embedding malicious JavaScript that triggers remote command execution through file or title inputs.

EPSS

Процентиль: 15%

0.0005

Низкий

5.1 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79