EPSS
Percentile
21.4%
snipe/snipe-it is vulnerable to cross-site scripting. Lack of sanitization of the user requestable results enable an attacker to inject malicious script to steal user cookie.
github.com/snipe/snipe-it/commit/698c7f4904f8fd843c5b9761053c9c68819ec288
github.com/snipe/snipe-it/commit/f211c11034baf4281aa62e7b5e0347248d995ee9
huntr.dev/bounties/3d45cfca-3a72-4578-b735-98837b998a12