PT-2026-51636
Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.6.2 Description A cross-tenant data injection issue exists in the Accessories API when Full Multiple Companies Support is enabled. A low-privileged authenticated user can create accessory records belonging to a...