Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10.
References
Link | Resource |
---|---|
https://github.com/snipe/snipe-it/commit/bdabbbd4e98e88ee01e728ceb4fd512661fbd38d | Patch Third Party Advisory |
https://huntr.dev/bounties/ebc26354-2414-4f72-88aa-f044aec2b2e1 | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: @huntrdev
Published: 2022-03-30T12:20:14
Updated: 2022-03-30T12:20:14
Reserved: 2022-03-29T00:00:00
Link: CVE-2022-1155
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-30T13:15:07.813
Modified: 2022-04-05T21:18:48.263
Link: CVE-2022-1155
JSON object: View
Redhat Information
No data.