CVE-2021-47841
MEDIUMSnipCommand 0.1.0 - XSS
Title source: llmDescription
SnipCommand 0.1.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into command snippets. Attackers can execute arbitrary code by embedding malicious JavaScript that triggers remote command execution through file or title inputs.
Exploits (1)
exploitdb
WORKING POC
by TaurusOmar · javascriptwebappsmultiple
https://www.exploit-db.com/exploits/49829
Scores
CVSS v3
6.1
EPSS
0.0002
EPSS Percentile
5.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Classification
CWE
CWE-79
Status
draft
Timeline
Published
Jan 16, 2026
Tracked Since
Feb 18, 2026