5 matches found
CVE-2021-21258
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI from version 9.5.0 and before version 9.5.4, there is a cross-site scripting injection vulnerability when using ajax/kanban.php. This is fixed...
Cross site scripting
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI from version 9.5.0 and before version 9.5.4, there is a cross-site scripting injection vulnerability when using ajax/kanban.php. This is fixed...
CVE-2021-21258
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI from version 9.5.0 and before version 9.5.4, there is a cross-site scripting injection vulnerability when using ajax/kanban.php. This is fixed...
CVE-2021-21258 XSS injection in ajax/kanban
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI from version 9.5.0 and before version 9.5.4, there is a cross-site scripting injection vulnerability when using ajax/kanban.php. This is fixed...
CVE-2021-21258
CVE-2021-21258 affects GLPI prior to 9.5.4: a cross-site scripting (XSS) vulnerability in ajax/kanban.php allows injection of script via user-provided input. The issue originates from insufficient input sanitization and is fixed in GLPI version 9.5.4. Affected range is GLPI 9.5.0–9.5.3; GLPI 9.5....