Igor Terlevic

2 exploits Active since Dec 2025
CVE-2025-65621 WRITEUP MEDIUM WRITEUP
Snipeitapp Snipe-it < 8.3.4 - XSS
Snipe-IT before 8.3.4 allows stored XSS, allowing a low-privileged authenticated user to inject JavaScript that executes in an administrator's session, enabling privilege escalation.
CVSS 5.4
CVE-2025-65622 WRITEUP MEDIUM WRITEUP
Snipeitapp Snipe-it < 8.3.4 - XSS
Snipe-IT before 8.3.4 allows stored XSS via the Locations "Country" field, enabling a low-privileged authenticated user to inject JavaScript that executes in another user's session.
CVSS 5.4