In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Missing Authorization vulnerabilities in an interactive lesson.
Start learningUpgrade snipe/snipe-it to version 8.5.1 or higher.
snipe/snipe-it is an asset management system built on Laravel.
Affected versions of this package are vulnerable to Missing Authorization in the process that retrieves S3 signature images. An attacker can access temporary signed S3 URLs for signature images by knowing the filename, allowing unauthorized retrieval of these images.