In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Missing Authorization vulnerabilities in an interactive lesson.
Start learningUpgrade snipe/snipe-it to version 8.6.0 or higher.
snipe/snipe-it is an asset management system built on Laravel.
Affected versions of this package are vulnerable to Missing Authorization due to insufficient permission checks in the store method of the UsersController. An attacker can assign full administrative privileges to a newly created user by leveraging the users.create permission.