Lucene search
Haxatron198A0D67-9189-4170-809B-0F8AEA43B063HistoryNov 05, 2021 - 4:49 a.m.
Cross-site Scripting (XSS) - Generic in snipe/snipe-it
2021-11-0504:49:43
haxatron
www.huntr.dev
10
0.001 Low
EPSS
Percentile
21.6%
Description
XSS in bulk audit function via the asset tag parameter
Proof of Concept
1: Go to http://<SNIPE_IT_APP>/hardware/bulkaudit feature
2: Use <script>alert(document.domain)</script> as "Asset Tag" parameter
3: Click "Audit", the XSS should be triggered via the message Asset Tag [ASSET_TAG] not found.
Impact
This vulnerability is capable of tricking users without knowledge of XSS to key in the malicious payload and thus steal the cookie or perform actions on behalf of them via Javascript execution. Due to CSRF protections, I am unable to escalate this further but thought I should report to you just in case you care about it.
Related
veracode
veracode
Cross-site Scripting (XSS)
2021-11-15 09:02:55
prion
prion
Cross site scripting
2021-11-13 09:15:00
osv
osv
snipe-it is vulnerable to Cross-site Scripting
2021-11-15 23:19:42
CVE-2021-3938
2021-11-13 09:15:07
cnvd
cnvd
Snipe-IT Cross-Site Scripting Vulnerability
2021-11-16 00:00:00
nvd
nvd
CVE-2021-3938
2021-11-13 09:15:07
github
github
snipe-it is vulnerable to Cross-site Scripting
2021-11-15 23:19:42
cve
cve
CVE-2021-3938
2021-11-13 09:15:07
cvelist
cvelist
CVE-2021-3938 Cross-site Scripting (XSS) - Generic in snipe/snipe-it
2021-11-13 08:35:10