Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-363q-j92x-7543: Snipe-IT vulnerable to Cross Site Scripting for View Assigned Assets

Snipe-IT before 6.0.14 is vulnerable to Cross Site Scripting (XSS) for View Assigned Assets.

ghsa
Open in Source
#xss#git

Snipe-IT vulnerable to Cross Site Scripting for View Assigned Assets

Moderate severity GitHub Reviewed Published Dec 25, 2022 • Updated Dec 30, 2022

Related news

CVE-2022-44381: CENSUS | IT Security Works

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.

ghsa: Latest News

GHSA-rxq8-q85f-m866: Prevent XSS from Confidant API call
ghsa