CVE-2022-44381
5.3MEDIUMSnipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.
게시됨: 12/25/2022업데이트됨: 4/15/2025
설명
Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.
AI 분석AI 기반
영향받는 제품
snipeitappsnipe-it
참조
- https://census-labs.com/news/2022/12/23/multiple-vulnerabilities-in-snipe-it/ExploitThird Party Advisory
- https://census-labs.com/news/2022/12/23/multiple-vulnerabilities-in-snipe-it/ExploitThird Party Advisory