Vulnerabilities > Snipeitapp

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-12	CVE-2024-51093	Cross-site Scripting vulnerability in Snipeitapp Snipe-It 7.0.13 Stored Cross-Site Scripting (XSS) vulnerability in Snipe-IT - v7.0.13 allows an attacker to upload a malicious XML file containing JavaScript code. network low complexity snipeitapp CWE-79	8.7
2023-10-11	CVE-2023-5511	Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3. network low complexity snipeitapp CWE-352	8.8
2023-10-06	CVE-2023-5452	Cross-site Scripting vulnerability in Snipeitapp Snipe-It Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.2.2. network low complexity snipeitapp CWE-79	5.4
2022-12-25	CVE-2022-44380	Cross-site Scripting vulnerability in Snipeitapp Snipe-It Snipe-IT before 6.0.14 is vulnerable to Cross Site Scripting (XSS) for View Assigned Assets. network low complexity snipeitapp CWE-79	5.4
2022-12-25	CVE-2022-44381	Information Exposure Through Discrepancy vulnerability in Snipeitapp Snipe-It Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request. network low complexity snipeitapp CWE-203	5.3
2022-09-17	CVE-2022-3173	Improper Authentication vulnerability in Snipeitapp Snipe-It Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10. network low complexity snipeitapp CWE-287	4.3
2022-08-29	CVE-2022-3035	Cross-site Scripting vulnerability in Snipeitapp Snipe-It Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.0.11. network low complexity snipeitapp CWE-79	4.8
2022-08-25	CVE-2022-2997	Session Fixation vulnerability in Snipeitapp Snipe-It Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10. network low complexity snipeitapp CWE-384	8.0
2022-07-07	CVE-2022-32060	Cross-site Scripting vulnerability in Snipeitapp Snipe-It 6.0.2 An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. network low complexity snipeitapp CWE-79	4.8
2022-07-07	CVE-2022-32061	Cross-site Scripting vulnerability in Snipeitapp Snipe-It 6.0.2 An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. network low complexity snipeitapp CWE-79	4.8

Vulnerabilities > Snipeitapp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Snipeitapp"}]}

Vulnerabilities > Snipeitapp