Lucene search
K

5 matches found

ALT Linux
ALT Linux
added 2022/11/04 12:0 a.m.144 views

Security fix for the ALT Linux 9 package glpi version 9.5.10-alt1

Nov. 4, 2022 Pavel Zilke 9.5.10-alt1 - New version 9.5.10 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information +...

6.4AI score0.34251EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2022/11/03 4:15 p.m.13 views

CVE-2022-39375

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Users may be able to create a public RSS feed to inject malicious code in dashboards of other users...

5.4CVSS6.7AI score0.00488EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/11/03 12:0 a.m.6 views

CVE-2022-39375 Cross-Site Scripting (XSS) through public RSS feed in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Users may be able to create a public RSS feed to inject malicious code in dashboards of other users...

4.5CVSS4.9AI score0.00488EPSS
Exploits0References1
CVE
CVE
added 2022/11/03 12:0 a.m.78 views

CVE-2022-39375

CVE-2022-39375 affects GLPI (Gestionnaire Libre de Parc Informatique). The vulnerability allows a user to create a public RSS feed that can inject malicious code into dashboards viewed by other users. The issue has been patched; upgrade to GLPI version 10.0.4 or later. The initial description sta...

5.4CVSS5.4AI score0.00488EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/11/03 12:0 a.m.34 views

CVE-2022-39375 Cross-Site Scripting (XSS) through public RSS feed in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Users may be able to create a public RSS feed to inject malicious code in dashboards of other users...

4.5CVSS5.8AI score0.00488EPSS
Exploits0References1
Rows per page
Query Builder