GHSA-g92x-8m54-p89v

GitHub Security Advisory

Cross-Site Request Forgery in snipe-it

✓ GitHub Reviewed MODERATE Has CVE

snipe-it is vulnerable to Cross-Site Request Forgery (CSRF).

Packagist snipe/snipe-it

Affected versions: 0 (fixed in 5.3.0)

CVE-2021-3858

GHSA ID

GHSA-g92x-8m54-p89v

Published

October 21, 2021 5:48 PM

Last Modified

October 22, 2021 1:56 PM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

snipe/snipe-it

GitHub Reviewed

✓ Yes

Last updated: September 12, 2025 6:34 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.