CVE-2022-1380

Published April 16th, 2022

View on NVD ↗

CVSS v3

5.4

MEDIUM

CVSS v2

3.5

LOW

Affected

PROJECT

Description

Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.

grokability/snipe-it

A free open source IT asset/license management system

GitHub

13.9K