Security Advisories - snipe/snipe-it - Packagist

snipe/snipe-it Security Advisories for v6.0.14 (3)

[HIGH] Cross-Site Request Forgery (CSRF) in snipe/snipe-it

PKSA-vwgv-c27j-814j CVE-2023-5511 GHSA-33vj-r6p6-x4p8

Affected version: <=6.2.2

Reported by:
GitHub
[MEDIUM] Cross-site Scripting in snipe/snipe-it

PKSA-cht9-1vc6-6bmf CVE-2023-5452 GHSA-rr5c-69c9-gj9f

Affected version: <=6.2.1

Reported by:
GitHub
[MEDIUM] Snipe-IT allows attackers to check whether a user account exists

PKSA-jrdw-kz9p-4bz7 CVE-2022-44381 GHSA-qqv9-gqh5-7h99

Affected version: <=6.0.14

Reported by:
GitHub