snipe/snipe-it is vulnerable to improper access control. The vulnerability exists in the getRequestedIndex
function in AssetsController.php
due to insufficient user permissions to assets index which allows unauthorized users to access the system.