snipe/snipe-it is vulnerable to remote code execution. The vulnerability exists in the Select User
function under the People Menu
component which allows an attacker with admin privileges to inject remote code to a user via maliciously crafted pdf files.
CPE | Name | Operator | Version |
---|---|---|---|
snipe/snipe-it | le | v6.0.6 | |
snipe/snipe-it | le | v6.0.6 |