Cross-Site Request Forgery (CSRF) in snipe/snipe-it

Valid

Reported on

Dec 16th 2021


Description

CSRF to disrupt request tracking

Proof of Concept

Open the HTML file as a logged-in user

<img src="http://[SNIPE_IT]/account/request-asset/1">

Impact

An attacker outside the organization, holding no Snipe-IT account of their own, can disrupt request tracking by getting a logged-in user to load the malicious HTML; the user's browser then issues the asset request on that user's behalf.
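The root cause here is that a state-changing action (recording an asset request) was reachable through a plain GET, which any image tag or link on a third-party page can trigger with the victim's session cookie attached. The following Python model is an added illustration written for this page; it is not Snipe-IT code and does not reproduce the actual fix in 5.3.6. It places a handler modelled on the reported behaviour beside a hardened one that only accepts POST and checks a session-bound CSRF token, then replays the page's `<img>` request, a forged POST, and a legitimate POST against both. The `Session`, `Request`, `_token` field and `X-CSRF-TOKEN` header names are assumptions chosen to mirror common Laravel conventions.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed, in-memory stand-ins for a browser session and an HTTP request (not Snipe-IT types).
@dataclass
class Session:
    user: str
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(32))

@dataclass
class Request:
    method: str
    path: str
    session: Optional[Session]                 # cookie-backed session the browser attaches automatically
    form: Dict[str, str] = field(default_factory=dict)
    headers: Dict[str, str] = field(default_factory=dict)

def asset_id_from_path(path: str) -> int:
    # Route shape taken from the report: /account/request-asset/{id}
    return int(path.rstrip("/").rsplit("/", 1)[1])

def request_asset_vulnerable(req: Request, store: List[Tuple[str, int]]) -> Tuple[int, str]:
    """Models the reported behaviour: a GET by any logged-in user records an asset request.
    Nothing ties the request to a deliberate user action, so a cross-origin <img src> triggers it."""
    if req.session is None:
        return 302, "redirect to login"
    store.append((req.session.user, asset_id_from_path(req.path)))
    return 200, "asset requested"

def request_asset_hardened(req: Request, store: List[Tuple[str, int]]) -> Tuple[int, str]:
    """State change only via POST carrying a token bound to the victim's session.
    A cross-origin page can make the browser send the cookie, but it cannot read the token."""
    if req.session is None:
        return 302, "redirect to login"
    if req.method != "POST":
        return 405, "method not allowed"        # an <img> or <a> can only produce a GET
    supplied = req.form.get("_token") or req.headers.get("X-CSRF-TOKEN", "")
    if not hmac.compare_digest(supplied, req.session.csrf_token):
        return 419, "csrf token mismatch"        # 419 is the status Laravel uses for a token mismatch
    store.append((req.session.user, asset_id_from_path(req.path)))
    return 200, "asset requested"

def simulate() -> Dict[str, int]:
    """Replays three constructed requests against both handlers and reports status codes and stored rows."""
    victim = Session(user="alice")
    path = "/account/request-asset/1"
    # What the browser emits when it renders the report's <img src="http://[SNIPE_IT]/account/request-asset/1">
    img_get = Request("GET", path, victim)
    # A hidden auto-submitting form on a third-party page: same cookie, but no access to the victim's token
    forged_post = Request("POST", path, victim, form={})
    # The application's own form, rendered server-side with the session-bound token
    legit_post = Request("POST", path, victim, form={"_token": victim.csrf_token})

    vuln_store: List[Tuple[str, int]] = []
    hard_store: List[Tuple[str, int]] = []
    return {
        "vulnerable_img_get": request_asset_vulnerable(img_get, vuln_store)[0],
        "vulnerable_records": len(vuln_store),
        "hardened_img_get": request_asset_hardened(img_get, hard_store)[0],
        "hardened_forged_post": request_asset_hardened(forged_post, hard_store)[0],
        "hardened_legit_post": request_asset_hardened(legit_post, hard_store)[0],
        "hardened_records": len(hard_store),
    }

if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```

The method check matters on its own: Laravel's `VerifyCsrfToken` middleware skips GET, HEAD and OPTIONS requests, so simply enabling it does not protect a state-changing GET route; the route has to be moved to POST (or another non-reading method) for the token check to apply at all. `hmac.compare_digest` is used for the comparison so a token mismatch cannot be measured by timing. Setting the session cookie with `SameSite=Lax` or `Strict` is a useful second layer, but it is not a substitute for the token check.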

We are processing your report and will contact the snipe/snipe-it team within 24 hours. a year ago
We have contacted a member of the snipe/snipe-it team and are waiting to hear back a year ago
snipe validated this vulnerability a year ago
haxatron has been awarded the disclosure bounty
The fix bounty is now up for grabs
snipe marked this as fixed in 5.3.6 with commit 9b2dd6 a year ago
snipe has been awarded the fix bounty
This vulnerability will not receive a CVE