Vulnerabilities > Snipeitapp > Snipe IT > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-12 | CVE-2024-51093 | Cross-site Scripting vulnerability in Snipeitapp Snipe-It 7.0.13 Stored Cross-Site Scripting (XSS) vulnerability in Snipe-IT - v7.0.13 allows an attacker to upload a malicious XML file containing JavaScript code. | 8.7 |
| 2023-10-11 | CVE-2023-5511 | Unspecified vulnerability in Snipeitapp Snipe-It Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3. | 8.8 |
| 2022-08-25 | CVE-2022-2997 | Unspecified vulnerability in Snipeitapp Snipe-It Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10. | 8.0 |
| 2022-03-30 | CVE-2022-1155 | Unspecified vulnerability in Snipeitapp Snipe-It Old sessions are not blocked by the login enable function. | 7.4 |
| 2022-02-16 | CVE-2022-0611 | Unspecified vulnerability in Snipeitapp Snipe-It Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11. | 8.8 |
| 2021-12-18 | CVE-2021-4130 | Unspecified vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | 8.8 |
| 2021-12-06 | CVE-2021-4075 | Unspecified vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Server-Side Request Forgery (SSRF) | 7.2 |
| 2021-10-19 | CVE-2021-3858 | Cross-Site Request Forgery (CSRF) vulnerability in Snipeitapp Snipe-It snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | 8.8 |