Vulnerability CVE-2022-1445


Published: 2022-04-24

Description:
Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stolen the user Cookie.

 References:
https://github.com/snipe/snipe-it/commit/f623d05d0c3487ae24c4f13907e4709484e5bf41
https://huntr.dev/bounties/f4420149-5236-4051-a458-5d4f1d5b7abd

Copyright 2026, cxsecurity.com

 

Back to Top