3 matches found
CVE-2026-44831
Snipe-IT is an IT asset/license management system. Prior to 8.4.1, users with component view access could be impacted by an unescaped notes column, resulting in cross-site scripting XSS. This vulnerability is fixed in 8.4.1...
Snipe-IT 跨站脚本漏洞
Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Versions of Snipe-IT prior to 8.4.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from unescaped notes columns, which could lead to cross-site scripting attacks...
PT-2026-39299
Name of the Vulnerable Software and Affected Versions Snipe-IT versions prior to 8.4.1 Description Users with component view access can be affected by cross-site scripting XSS, a flaw where malicious scripts are injected into trusted websites, due to an unescaped notes column. Recommendations...