Snipeitapp: >> Snipe-It >> 6.0.2 Security Vulnerabilities
Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-09-17
Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.0.11.
CVSS Score
5.9
EPSS Score
0.002
Published
2022-08-29
Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.
CVSS Score
4.6
EPSS Score
0.003
Published
2022-08-25
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
CVSS Score
4.8
EPSS Score
0.05
Published
2022-07-07
An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
CVSS Score
4.8
EPSS Score
0.004
Published
2022-07-07
Page 2