Impact Unauthenticated attackers situated outside of the organization can disrupt request trac...">
CSRF to disrupt request tracking
Open the HTML file as a logged-in user
<img src="http://[SNIPE_IT]/account/request-asset/1">
Unauthenticated attackers situated outside of the organization can disrupt request tracking by sending the malicious HTML to a user which will cause them to request an asset.