PatchSiren

grokability CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM grokability CVE published 2026-05-26

CVE-2026-44833

An open redirect vulnerability in the Snipe-IT IT asset/license management system allows attackers to redirect users to malicious sites via an unvalidated HTTP Referer header stored in a session variable. The vulnerability exists in versions prior to 8.4.1 and was fixed in version 8.4.1. The CVSS 3.1 vector indicates the attack vector is adjacent network, low attack complexity, low privileges required, user interactio [truncated]

HIGH grokability CVE published 2026-05-26

CVE-2026-44832

An authenticated privilege escalation vulnerability in Snipe-IT allows users with only the users.edit permission to grant themselves full administrative access. The API endpoint /api/v1/users/{id} fails to properly validate permission modifications, stripping only the superuser key while permitting admin and other elevated permissions to be set. This represents an authorization bypass where insufficient serve [truncated]

MEDIUM grokability CVE published 2026-05-26

CVE-2026-44831

A stored cross-site scripting (XSS) vulnerability exists in Snipe-IT, an open-source IT asset and license management platform. The flaw affects versions prior to 8.4.1 and resides in the unescaped rendering of the notes column within the components module. Users with component view access can trigger or be affected by this vulnerability when malicious scripts are embedded in notes fields and subsequently [truncated]