Описание
Snipe-IT vulnerable to Improper Authentication
Snipe-IT prior to 6.0.10 is vulnerable to Improper Authentication. A user without the View and Modify License Files permission may access files uploaded to licenses as long as they have the View permission for licenses.
Пакеты
Наименование
snipe/snipe-it
composer
Затронутые версииВерсия исправления
< 6.0.10
6.0.10
Связанные уязвимости
CVSS3: 4.3
nvd
больше 3 лет назад
Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10.
CVSS3: 4.3
debian
больше 3 лет назад
Improper Authentication in GitHub repository snipe/snipe-it prior to 6 ...