GHSA-4w23-c97g-fq5v

GitHub Security Advisory

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

✓ GitHub Reviewed HIGH Has CVE

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)

Packagist snipe/snipe-it

Affected versions: 0 (fixed in 5.3.6)

CVE-2021-4130

GHSA ID

GHSA-4w23-c97g-fq5v

Published

January 5, 2022 8:33 PM

Last Modified

January 4, 2022 8:20 PM

CVSS Score

7.5 /10

Primary Ecosystem

Packagist

Primary Package

snipe/snipe-it

GitHub Reviewed

✓ Yes

Last updated: September 11, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.