Vulnerability CVE-2023-5452


Published: 2023-10-06

Description:
Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.2.2.

See advisories in our WLB2 database:
Topic
Author
Date
Low
SnipeIT 6.2.1 Stored Cross Site Scripting
Shahzaib Ali Kha...
13.03.2024

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://huntr.dev/bounties/d6ed5ac1-2ad6-45fd-9492-979820bf60c8
https://github.com/snipe/snipe-it/commit/eea2eabaeef16fc8f3a1d61b19c06e9fc8ed942a

Copyright 2024, cxsecurity.com

 

Back to Top