The vulnerability of the password reset function of the Snipe-IT asset management system allows a hacker to obtain a password reset token and access the account.
The vulnerability of the password reset function in the Snipe-IT asset management system is related to incorrect elimination of certain elements in the output data. Exploiting this vulnerability can allow a malicious actor to obtain a password reset token and access to the account by sending a...