Stored Cross Site Scripting vulnerability in the checked_out_to parameter in snipe/snipe-it
Apr 23rd 2022
The checked_out_to is not escaped, which leads to a XSS problem.
Proof of Concept
1.Login to the demo account
3.Choose a Asset and goto Assets menu and check it out. new a location which is
'"><img src onerror=alert(3324)>and check the asset to this location
4.Return to Depreciation Report,refresh,a lert will be triggered
'"><img src onerror=alert(3324)>
The vulnerability is capable of stolen the user Cookie.