Snipeitapp: >> Snipe-It >> 4.0.0 Security Vulnerabilities
Missing Authorization in GitHub repository snipe/snipe-it prior to 5.4.4.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-04-28
Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stolen the user Cookie.
CVSS Score
9.0
EPSS Score
0.003
Published
2022-04-24
Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.
CVSS Score
9.1
EPSS Score
0.002
Published
2022-04-16
Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10.
CVSS Score
7.4
EPSS Score
0.002
Published
2022-03-30
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-02-17
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11.
CVSS Score
6.3
EPSS Score
0.003
Published
2022-02-16
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-02-14
Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9.
CVSS Score
5.3
EPSS Score
0.003
Published
2022-02-14
Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8.
CVSS Score
6.3
EPSS Score
0.002
Published
2022-01-13
snipe-it is vulnerable to Missing Authorization
CVSS Score
6.3
EPSS Score
0.002
Published
2022-01-12