2 matches found
CVE-2024-51093
Stored Cross-Site Scripting XSS vulnerability in Snipe-IT - v7.0.13 allows an attacker to upload a malicious XML file containing JavaScript code. This can lead to privilege escalation when the payload is executed, granting the attacker super admin permissions within the Snipe-IT system...
Repox Code Issues Vulnerabilities
Repox is a framework for managing data spaces from Repox. A code issue vulnerability exists in Repox 2.3.7 and earlier versions, which stems from the presence of an XML External Entity Injection XXE vulnerability. An attacker can exploit this vulnerability to upload malicious XML data via the...