Snipe Snipe-It vulnerabilities
57 known vulnerabilities affecting snipe/snipe-it.
Total CVEs: 57
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 14, MEDIUM 39, LOW 3
Vulnerabilities
Page 2 of 3
CVE-2026-48493 | P4 | MEDIUM | Affected versions: ≥ 0, < 8.6.0 | 2026-06-23
CVE-2026-48493 [MEDIUM] CWE-863 Snipe-IT Vulnerable to Privilege Escalation for self via API Permissions Assignment
### Impact
A user with only users.edit AND api permissions can send a PATCH to /api/v1/users/{their_own_id} and grant themselves any permission except admin and superuser — for example `assets.view`, `assets.create`, `reports.view`, import, etc.
### Patches
Patched in https://github.com/grokabilit
CVE-2026-44833 | P4 | MEDIUM | Affected versions: ≥ 0, < 8.4.1 | 2026-05-08
CVE-2026-44833 [MEDIUM] CWE-601 Snipe-IT has an open redirect vulnerability
Open redirect vulnerability in Snipe-IT allows attackers to redirect users to malicious sites via unvalidated HTTP Referer header stored in session variable.
### Impact
- **Phishing**: Redirect users to fake login pages to steal credentials
- **Session Hijacking**: Redirect to attacker site that captures session cookies via JavaScript
- **Malware Distribution**: Redirect to
CVE-2022-0178 | P4 | MEDIUM | Affected versions: ≥ 0, < 5.3.8 | 2022-01-26
CVE-2022-0178 [MEDIUM] CWE-284 Improper Access Control in snipe-it
Users with no system permissions are able to see and create personal access tokens.
CVE-2022-44381 | P4 | MEDIUM | Affected versions: ≥ 0, ≤ 6.0.14 | 2022-12-25
CVE-2022-44381 [MEDIUM] CWE-203 Snipe-IT allows attackers to check whether a user account exists
Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.
CVE-2025-65622 | P4 | MEDIUM | Affected versions: ≥ 0, < 8.3.4 | 2025-12-02
CVE-2025-65622 [MEDIUM] CWE-79 Snipe-IT allows stored XSS via the Locations "Country" field
Snipe-IT before 8.3.4 allows stored XSS via the Locations "Country" field, enabling a low-privileged authenticated user to inject JavaScript that executes in another user's session.
CVE-2025-65621 | P4 | MEDIUM | Affected versions: ≥ 0, < 8.3.4 | 2025-12-01
CVE-2025-65621 [MEDIUM] CWE-269 Snipe-IT is vulnerable to stored cross-site scripting
Snipe-IT before 8.3.4 allows stored XSS, allowing a low-privileged authenticated user to inject JavaScript that executes in an administrator's session, enabling privilege escalation.
CVE-2025-64027 | P4 | MEDIUM | Affected versions: ≥ 0, ≤ 8.3.4 | 2025-11-20
CVE-2025-64027 [MEDIUM] CWE-79 Snipe-IT has Cross-site Scripting vulnerability in CSV import workflow
Snipe-IT v8.3.4 (build 20218) contains a reflected cross-site scripting (XSS) vulnerability in the CSV Import workflow. When an invalid CSV file is uploaded, the application returns a progress_message value that is rendered as raw HTML in the admin interface. An attacker can intercept and modify the POST /livewire/update req
CVE-2022-32060 | P4 | MEDIUM | Affected versions: ≥ 0, ≤ 6.0.2 | 2022-07-08
CVE-2022-32060 [MEDIUM] CWE-79 Snipe-IT 6.0.2 vulnerable to Cross-site Scripting via arbitrary file upload in Update Branding Settings
An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
CVE-2019-10118 | P4 | MEDIUM | Affected versions: ≥ 0, < 4.6.14 | 2022-05-14
CVE-2019-10118 [MEDIUM] CWE-79 Snipe-IT XSS Vulnerability
Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and the user's last name in the API.
CVE-2022-1380 | P4 | MEDIUM | Affected versions: ≥ 0, < 5.4.3 | 2022-04-17
CVE-2022-1380 [MEDIUM] CWE-79 Cross-site Scripting in snipe-it
Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stealing the user's cookie.
CVE-2022-1445 | P4 | MEDIUM | Affected versions: ≥ 0, < 5.4.3 | 2022-04-25
CVE-2022-1445 [MEDIUM] CWE-79 Stored cross-site scripting in Snipe-IT
Snipe-IT prior to version 5.4.3 is vulnerable to stored cross-site scripting because the input to the `checked_out_to` parameter is not escaped. The vulnerability is capable of stealing a user's cookie.
CVE-2026-44831 | P4 | MEDIUM | Affected versions: ≥ 0, < 8.4.1 | 2026-05-08
CVE-2026-44831 [MEDIUM] CWE-79 Snipe-IT has Stored XSS via Component Checkout Notes (v8.4.0)
### Impact
Users with component view access could be impacted by an unescaped `notes` column.
### Patches
This was patched in https://github.com/grokability/snipe-it/commit/28f493d84d057895fbb93b6570e7393a2c2fa438, and is fixed in v8.4.1 or greater.
### Workarounds
None.
CVE-2022-32061 | P4 | MEDIUM | Affected versions: ≥ 0, ≤ 6.0.2 | 2022-07-08
CVE-2022-32061 [MEDIUM] CWE-79 Snipe-IT 6.0.2 vulnerable to Cross-site Scripting
An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file.
CVE-2021-3879 | P4 | MEDIUM | Affected versions: ≥ 0, < 5.3.0 | 2021-10-21
CVE-2021-3879 [MEDIUM] CWE-79 Cross-site Scripting in snipe-it
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
CVE-2021-4108 | P4 | MEDIUM | Affected versions: ≥ 0, < 5.3.5 | 2021-12-16
CVE-2021-4108 [MEDIUM] CWE-79 snipe-it is vulnerable to Cross-site Scripting
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
CVE-2021-3863 | P4 | MEDIUM | Affected versions: ≥ 0, < 5.3.0 | 2021-10-21
CVE-2021-3863 [MEDIUM] CWE-79 Cross-site Scripting in snipe-it
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
CVE-2021-3961 | P4 | HIGH | Affected versions: ≥ 0, < 5.3.2 | 2021-11-23
CVE-2021-3961 [HIGH] CWE-79 Cross-site Scripting in snipe/snipe-it
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
CVE-2021-4018 | P4 | MEDIUM | Affected versions: ≥ 0, < 5.3.3 | 2021-12-03
CVE-2021-4018 [MEDIUM] CWE-79 snipe-it is vulnerable to Cross-site Scripting
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
CVE-2021-3938 | P4 | LOW | Affected versions: ≥ 0, < 5.4.0 | 2021-11-15
CVE-2021-3938 [LOW] CWE-79 snipe-it is vulnerable to Cross-site Scripting
snipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
CVE-2022-44380 | P4 | MEDIUM | Affected versions: ≥ 0, < 6.0.14 | 2022-12-25
CVE-2022-44380 [MEDIUM] CWE-79 Snipe-IT vulnerable to Cross Site Scripting for View Assigned Assets
Snipe-IT before 6.0.14 is vulnerable to Cross Site Scripting (XSS) for View Assigned Assets.