CVE-2021-47841 MEDIUM

CVE-2021-47841: SnipCommand 0.1.0 - Persistent Cross-Site Scripting

Vendor Gurayyarar
Product SnipCommand
Weakness CWE-79 · XSS
Published January 16, 2026
Last update January 16, 2026

CVSS base score

5.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

What the vulnerability does

01Description

SnipCommand 0.1.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into command snippets. Attackers can execute arbitrary code by embedding malicious JavaScript that triggers remote command execution through file or title inputs.

Key dates

02Disclosure timeline

January 16, 2026 CVE published
January 16, 2026 Record updated