CVE-2019-10118 (snipe-it)

Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and the user’s last name in the API.
Source: NIST
CVE-2019-10118 (snipe-it)