Vulnerabilities > Snipeitapp > Snipe IT > 6.0.2

DATE CVE VULNERABILITY TITLE RISK
2023-10-11 CVE-2023-5511 Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It
Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3.
network
low complexity
snipeitapp CWE-352
8.8
8.8
2023-10-06 CVE-2023-5452 Cross-site Scripting vulnerability in Snipeitapp Snipe-It
Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.2.2.
network
low complexity
snipeitapp CWE-79
5.4
5.4
2022-07-07 CVE-2022-32060 Cross-site Scripting vulnerability in Snipeitapp Snipe-It 6.0.2
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
network
low complexity
snipeitapp CWE-79
4.8
4.8
2022-07-07 CVE-2022-32061 Cross-site Scripting vulnerability in Snipeitapp Snipe-It 6.0.2
An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
network
snipeitapp CWE-79
3.5
3.5