Snipe-IT is an open source IT asset/license management system. Snipe-IT suffers from a cross-site scripting vulnerability that stems from the fact that the program is vulnerable to incorrect input during web page generation, which could be exploited by an attacker to execute arbitrary JavaScript.