2 matches found
CVE-2022-0569 Observable Discrepancy in snipe/snipe-it
Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9...
CVE-2022-0569
CVE-2022-0569 affects snipe/snipe-it, prior to v5.3.9, with an information-disclosure flaw caused by differences in password-reset responses that can enumerate registered user emails. Impact is information disclosure (email enumeration) and potential brute-force risk implied by exposed email list...