snipe/snipe-it is vulnerable to privilege escalation. The vulnerability exists because it does not properly handle the user privileges in the show
function in the ‘SuppliersController.php’ file allowing a user to gain privileges and unauthorized access to confidential resources in the supplier module.