NuytsTech Security

CVE-2022-1445

by ·

Stored Cross Site Scripting vulnerability in the checked_out_to parameter in GitHub repository snipe/snipe-it prior to 5.4.3. The vulnerability is capable of stolen the user Cookie.

Date published : 2022-04-24

https://huntr.dev/bounties/f4420149-5236-4051-a458-5d4f1d5b7abd

https://github.com/snipe/snipe-it/commit/f623d05d0c3487ae24c4f13907e4709484e5bf41

Tags: