5 matches found
Security fix for the ALT Linux 9 package glpi version 9.5.10-alt1
Nov. 4, 2022 Pavel Zilke 9.5.10-alt1 - New version 9.5.10 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information +...
CVE-2022-39375
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Users may be able to create a public RSS feed to inject malicious code in dashboards of other users...
CVE-2022-39375 Cross-Site Scripting (XSS) through public RSS feed in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Users may be able to create a public RSS feed to inject malicious code in dashboards of other users...
CVE-2022-39375
CVE-2022-39375 affects GLPI (Gestionnaire Libre de Parc Informatique). The vulnerability allows a user to create a public RSS feed that can inject malicious code into dashboards viewed by other users. The issue has been patched; upgrade to GLPI version 10.0.4 or later. The initial description sta...
CVE-2022-39375 Cross-Site Scripting (XSS) through public RSS feed in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Users may be able to create a public RSS feed to inject malicious code in dashboards of other users...