Cross-site Scripting (XSS)
Overview snipe/snipe-it is an asset management system built on Laravel. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Accessory Checkout "Notes" field. An attacker can execute arbitrary JavaScript code in the context of an administrator's session by injectin...