Описание
An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| snipe-it | itp | package |
Связанные уязвимости
CVSS3: 4.8
nvd
больше 3 лет назад
An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
CVSS3: 4.8
github
больше 3 лет назад
Snipe-IT 6.0.2 vulnerable to Cross-site Scripting