2 matches found
Cross-site Scripting (XSS)
Overview glpi/glpi is a free Asset and IT Management Software package with ITIL Service Desk, licenses tracking and software auditing. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the search page when an anonymous ticket creation is enabled. Details Cross-site...
PT-2025-6929 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.18 Description: The issue allows a malicious link to be crafted to perform a reflected XSS attack on the search page. If anonymous ticket creation is enabled, this attack can be performed by an unauthenticated user...