Vulnerabilities > CVE-2022-44381 - Information Exposure Through Discrepancy vulnerability in Snipeitapp Snipe-It
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.