Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-35945

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licens...

6.3CVSS7.2AI score0.00538EPSS
Exploits0References2
ALT Linux
ALT Linux
added 2022/09/23 12:0 a.m.36 views

Security fix for the ALT Linux 9 package glpi version 9.5.9-alt1

9.5.9-alt1 built Sept. 23, 2022 Pavel Zilke in task 307140 Sept. 14, 2022 Pavel Zilke - New version 9.5.9 - This release fixes several critical security issues that has been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API +...

8.6AI score0.99628EPSS
Exploits13
ALT Linux
ALT Linux
added 2022/09/16 12:0 a.m.101 views

Security fix for the ALT Linux 10 package glpi version 9.5.9-alt1

9.5.9-alt1 built Sept. 16, 2022 Pavel Zilke in task 306811 Sept. 14, 2022 Pavel Zilke - New version 9.5.9 - This release fixes several critical security issues that has been recently discovered. Update is strongly recommended! - Security fixes: + CVE-2022-35945 : XSS through registration API +...

8.6AI score0.99628EPSS
Exploits13
CVE
CVE
added 2022/09/14 5:45 p.m.77 views

CVE-2022-35945

GLPI (Gestionnaire Libre de Parc Informatique) is affected by CVE-2022-35945 due to improper escaping of data on the registration key configuration page, enabling theft of an administrator cookie. The issue is addressed by upgrading to GLPI 10.0.3 or later; there are no documented workarounds in ...

6.3CVSS6.5AI score0.00538EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/14 5:45 p.m.8 views

CVE-2022-35945 Cross site scripting (XSS) via registration API in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Information associated to registration key are not properly escaped in registration key configuration...

6.3CVSS6.2AI score0.00538EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/14 5:45 p.m.32 views

CVE-2022-35945 Cross site scripting (XSS) via registration API in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Information associated to registration key are not properly escaped in registration key configuration...

6.3CVSS6.4AI score0.00538EPSS
Exploits0References2
Rows per page
Query Builder