5 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-11036
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the...
Mageia: Security Advisory (MGASA-2020-0220)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for glpi (FEDORA-2020-ee30e1109f)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for glpi (FEDORA-2020-885e2343ed)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-11036
GLPI before version 9.4.6 is affected by multiple stored XSS vulnerabilities in the Knowledge Base item comments. The issue can be triggered by inserting a payload like in a comment, and can be exploited by an administrator via the User-Agent field, or by an attacker through a crafted user surna...