The UI Performs the Wrong Action in snipe/snipe-it

Valid

Reported on Oct 4th 2021


Description

Sensitive data in the application can still be viewed after the user logs out.

Proof of Concept

1. Log in to the application (https://demo.snipeitapp.com/)

2. Go to a page such as My Account, or any other page

3. Click logout

4. Click the browser back button

Impact

When a user logs out without closing the browser, someone else at the same machine can view the information on the previously opened pages by clicking the browser's back button.
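The gap behind this finding is a page with account data being served without a directive telling the browser not to keep a copy. The check below is an added example, not code from the report or from the Snipe-IT code base: it parses the Cache-Control header of responses on user-data paths (the path prefixes are an assumption) and flags pages lacking no-store, then shows the header set that hardening guidance recommends for authenticated pages.

```python
"""Audit HTTP responses for post-logout back-button exposure and harden them."""

# Assumption: these path prefixes serve user-specific data (constructed for the example).
SENSITIVE_PREFIXES = ("/account", "/users", "/hardware")

# Header set that tells browsers and intermediaries not to keep a copy of the page.
NO_STORE_HEADERS = {
    "Cache-Control": "no-store, no-cache, must-revalidate, max-age=0",
    "Pragma": "no-cache",   # legacy HTTP/1.0 equivalent of no-cache
    "Expires": "0",         # legacy: already expired
}


def parse_cache_control(value):
    """Split a Cache-Control value into {directive: argument_or_None}, lower-cased."""
    directives = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives


def audit_response(path, headers):
    """Return findings for one response; an empty list means the page is acceptable."""
    if not path.startswith(SENSITIVE_PREFIXES):
        return []
    lower = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    cc = parse_cache_control(lower.get("cache-control", ""))
    if "no-store" in cc:
        return []
    reason = "'private' only keeps shared caches out" if "private" in cc else "no caching restriction"
    return [f"{path}: Cache-Control lacks no-store ({reason}); page can be replayed after logout"]


def harden(headers):
    """Return a copy of the response headers with page caching disabled."""
    out = {k: v for k, v in headers.items() if k.lower() not in ("cache-control", "pragma", "expires")}
    out.update(NO_STORE_HEADERS)
    return out


if __name__ == "__main__":
    # Constructed sample: the kind of response that reproduces the report, then its hardened form.
    vulnerable = {"Content-Type": "text/html", "Cache-Control": "private, max-age=0"}
    print(audit_response("/account/profile", vulnerable))
    print(audit_response("/account/profile", harden(vulnerable)))  # -> []
```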

We have contacted a member of the snipe/snipe-it team and are waiting to hear back a year ago
snipe validated this vulnerability a year ago
Asura-N has been awarded the disclosure bounty
The fix bounty is now up for grabs
snipe marked this as fixed with commit 9b4873 a year ago
The fix bounty has been dropped
This vulnerability will not receive a CVE