2694 matches found
PT-2025-31389 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions 0.65 through 10.0.18 Description: GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.65 through 10.0.18, a technician can use...
CVE-2025-27514
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.1...
UBUNTU-CVE-2025-27514
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.1...
CVE-2025-27514 GLPI is susceptible to Stored XSS attack through project's kanban
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.1...
CVE-2025-27514
GLPI CVE-2025-27514 affects GLPI versions 9.5.0–10.0.18. A malicious payload can trigger a stored XSS on the project’s Kanban, when processed by the application. Root cause described as a stored XSS vulnerability in the Kanban component; exploitation details are not expanded beyond this descripti...
CVE-2025-27514 GLPI is susceptible to Stored XSS attack through project's kanban
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.1...
CVE-2025-27514 GLPI is susceptible to Stored XSS attack through project's kanban
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.1...
PT-2025-31390
Name of the Vulnerable Software and Affected Versions GLPI versions 0.78 through 10.0.18 Description GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.78 through 10.0.18, a connected user can...
GLPI 安全漏洞
GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...
PT-2025-31227 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.5.0 through 10.0.18 Description: GLPI is an Asset and IT Management Software package. A technician can utilize a malicious payload to trigger a stored Cross-Site Scripting XSS issue on the project's kanban. Recommendations:...
ROS-20250722-02
Vulnerabilities in GLPI's asset management and data center software are related to an excessive amount of data output by the application. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially sensitive information...
ROS-20250717-01
GLPI asset and data center management software vulnerability is related to incorrect access restrictions in the API. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to sensitive information...
ROS-20250717-02
Vulnerability of the auxiliary ticket escalation tool in the Escalade GLPI plugin is related to incorrect access controls. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information...
CVE-2025-27153
Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...
CVE-2025-27153 Escalade GLPI Plugin Vulnerable to Improper Access Control
Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...
CVE-2025-27153 Escalade GLPI Plugin Vulnerable to Improper Access Control
Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...
CVE-2025-27153
CVE-2025-27153 concerns the Escalade GLPI plugin for GLPI. Prior to version 2.9.11, an improper access control vulnerability could allow exposure of data and disrupt workflows. The issue has been patched in version 2.9.11. The published metrics indicate a base CVSS v3.1 score of 6.5 (MEDIUM) with...
CVE-2025-27153 Escalade GLPI Plugin Vulnerable to Improper Access Control
Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11...
PT-2025-27573 · Glpi +1 · Escalade Glpi Plugin +1
Name of the Vulnerable Software and Affected Versions: Escalade GLPI plugin versions prior to 2.9.11 Description: The issue is related to improper access control, which can lead to data exposure and workflow disruptions. Recommendations: For versions prior to 2.9.11, update to version 2.9.11 to...
Escalade GLPI plugin 访问控制错误漏洞
Escalade GLPI plugin is an open source GLPI extension plugin for GLPI Project Plugins. An Access Control Error vulnerability exists in Escalade GLPI plugin versions prior to 2.9.11, which stems from improper access control and could lead to data disclosure and workflow disruption...