Lucene search
GoogleOSV:GHSA-HPX4-XJP7-M4VRHistoryApr 25, 2022 - 12:00 a.m.
Stored cross-site scripting in Snipe-IT
2022-04-2500:00:49
Google
osv.dev
21
0.001 Low
EPSS
Percentile
21.4%
Snipe-IT prior to version 5.4.3 is vulnerable to stored cross-site scripting because the input to the checked_out_to parameter is not escaped. The vulnerability is capable of stealing a user’s cookie.
Related
veracode
veracode
Cross-Site Scripting (XSS)
2022-04-25 10:49:19
prion
prion
Cross site scripting
2022-04-24 15:15:00
osv
osv
CVE-2022-1445
2022-04-24 15:15:07
nvd
nvd
CVE-2022-1445
2022-04-24 15:15:07
cvelist
cvelist
cve
cve
CVE-2022-1445
2022-04-24 15:15:07
github
github
Stored cross-site scripting in Snipe-IT
2022-04-25 00:00:49
huntr
huntr
Stored Cross Site Scripting vulnerability in the checked_out_to parameter
2022-04-23 08:34:27