5 matches found
CVE-2022-24869
creationtimestamp| type| source ---|---|--- 2022-04-21 20:26:54+00:00| seen| https://t.me/cibsecurity/41235...
CVE-2022-24869
GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to 10.0.0 one can use ticket's followups or setup login messages with a stylesheet link. This may allow for a cross site scripting attack...
CVE-2022-24869 Cross Site Scripting in GLPI
GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to 10.0.0 one can use ticket's followups or setup login messages with a stylesheet link. This may allow for a cross site scripting attack...
CVE-2022-24869
CVE-2022-24869 affects GLPI releases prior to 10.0.0. The issue allows cross-site scripting via a stylesheet link injected in ticket followups or login messages, enabling an attacker to execute script in a user’s browser. Root cause: improper handling of stylesheet references in those areas. Impa...
CVE-2022-24869 Cross Site Scripting in GLPI
GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to 10.0.0 one can use ticket's followups or setup login messages with a stylesheet link. This may allow for a cross site scripting attack...