CVE-2024-51093

描述

Cross Site Scripting vulnerability in Snipe-IT v.7.0.13 allows a remote attacker to escalate privileges via an unknown part of the file /users/{{user-id}}/#files.

受影響套件(1)

• Packagist/snipe/snipe-itfrom 0, <= 7.0.13

CVSS 分數

參考連結(3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2024-51093
• PATCHhttps://github.com/snipe/snipe-it
• WEBhttps://gist.githubusercontent.com/Tommywarren/ca70f1c43f4ec34dc19cd13459535780/raw/d13192ae50bc7c024b922412dfa3f530faa8d5db/CVE-2024-51093