3 matches found
CVE-2022-3035 Cross-site Scripting (XSS) - Stored in snipe/snipe-it
Cross-site Scripting XSS - Stored in GitHub repository snipe/snipe-it prior to v6.0.11...
CVE-2022-3035 Cross-site Scripting (XSS) - Stored in snipe/snipe-it
Cross-site Scripting XSS - Stored in GitHub repository snipe/snipe-it prior to v6.0.11...
CVE-2022-3035
CVE-2022-3035 is a Stored XSS vulnerability affecting Snipe-IT prior to version 6.0.11. Multiple sources (NVD/NVD-listed entry, OSV, Veracode, CVE list) consistently describe Cross-site Scripting in the web app, originating from insufficient escaping/input handling in the UI when processing user ...