GHSA-6x4j-8954-5hxmMediumCVSS 5.8
Snipe-IT has a 2FA reset privilege bypass
🔗 CVE IDs covered (1)
📋 Description
Impact
A user who can edit other users could reset a superadmin's 2FA.
Patches
Patched in 8.5.0
🎯 Affected products1
- composer/snipe/snipe-it:< 8.5.0