Vulnerability in Grokability Snipe-it

CVE-2026-55452

Snipe-IT is an IT asset/license management system. Prior to 8.5.0, Actionlog::logaction() stores the request User-Agent header and ReportsController::postActivityReport() writes that value to the Activity Report CSV without formula escapin…

Affected products

Weakness classification (CWE)

References