[MEDIUM] Snipe-IT has Stored XSS via Component Checkout Notes (v8.4.0)

PKSA-t5t8-ptsk-b8c5 CVE-2026-44831 GHSA-r42m-953q-6vjx

Affected package: snipe/snipe-it

Affected version: <8.4.1

Reported by:
GitHub