CVE-2022-2997

Session Fixation in snipe/snipe-it

CVSS 4.6 MEDIUMEPSS 0.7%CWE-384

Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Affected products

snipe · snipe/snipe-it

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/snipe/snipe-it/commit/6fde72a69335c80079363b7d26aa94e7f67400e1 https://huntr.dev/bounties/c09bf21b-50d2-49f0-8c92-49f6b3c358d8