5 matches found
Security fix for the ALT Linux 9 package glpi version 9.5.10-alt1
Nov. 4, 2022 Pavel Zilke 9.5.10-alt1 - New version 9.5.10 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information +...
CVE-2022-39372
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Authenticated users may store malicious code in their account information. This issue has been patche...
CVE-2022-39372 Stored Cross-Site Scripting (XSS) in user information in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Authenticated users may store malicious code in their account information. This issue has been patche...
CVE-2022-39372
GLPI, CVE-2022-39372, affects GLPI before 10.0.13 (updates also mention 10.0.15 as a fix level). Connected sources document multiple vulnerabilities in GLPI’s components across versions prior to 10.0.13/10.0.15, including: SQL injection in search/map/search-related features, SSRF, and cross‑site ...
CVE-2022-39372 Stored Cross-Site Scripting (XSS) in user information in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Authenticated users may store malicious code in their account information. This issue has been patche...