Cross-site Scripting in snipe-it
Moderate severity
GitHub Reviewed
Published
Apr 17, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Apr 16, 2022
Published to the GitHub Advisory Database
Apr 17, 2022
Reviewed
Apr 27, 2022
Last updated
Jan 27, 2023
Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.
References