Snipeitapp: >> Snipe-It >> 0.3.3 Security Vulnerabilities
Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stolen the user Cookie.
CVSS Score
9.0
EPSS Score
0.003
Published
2022-04-24
Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.
CVSS Score
9.1
EPSS Score
0.002
Published
2022-04-16
Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10.
CVSS Score
7.4
EPSS Score
0.002
Published
2022-03-30
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11.
CVSS Score
5.3
EPSS Score
0.001
Published
2022-02-17
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11.
CVSS Score
6.3
EPSS Score
0.003
Published
2022-02-16
Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-02-14
Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9.
CVSS Score
5.3
EPSS Score
0.003
Published
2022-02-14
Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8.
CVSS Score
6.3
EPSS Score
0.002
Published
2022-01-13
snipe-it is vulnerable to Missing Authorization
CVSS Score
6.3
EPSS Score
0.002
Published
2022-01-12
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS Score
4.3
EPSS Score
0.002
Published
2021-12-18