4 matches found
GHSA-4G25-WJ72-CHXG Snipe-IT allows stored XSS via the Locations "Country" field
Snipe-IT before 8.3.4 allows stored XSS via the Locations "Country" field, enabling a low-privileged authenticated user to inject JavaScript that executes in another user's session...
CVE-2025-65622
Snipe-IT before 8.3.4 allows stored XSS via the Locations "Country" field, enabling a low-privileged authenticated user to inject JavaScript that executes in another user's session...
Snipe-IT 安全漏洞
Snipe-IT is an open source IT asset/license management system from Grokability Open Source. A security vulnerability exists in Snipe-IT versions prior to 8.3.4 that stems from a stored cross-site scripting attack in the Locations Country field...
CVE-2025-65622
Snipe-IT before 8.3.4 allows stored XSS via the Locations "Country" field, enabling a low-privileged authenticated user to inject JavaScript that executes in another user's session...