CVE-2021-3983: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

December 3, 2021

kimai2 is vulnerable to Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)

References

github.com/advisories/GHSA-67c7-5v9j-227r
github.com/kevinpapst/kimai2/commit/89bfa82c61da0d3639e4038e689e25467baac8a0
github.com/kevinpapst/kimai2/releases/tag/1.16.3
huntr.dev/bounties/c96f3480-dccf-4cc2-99a4-d2b3a7462413
nvd.nist.gov/vuln/detail/CVE-2021-3983

Code Behaviors & Features

Detect and mitigate CVE-2021-3983 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →