5 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-41941
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may...
Security fix for the ALT Linux 10 package glpi version 9.5.12-alt1
9.5.12-alt1 built March 22, 2023 Pavel Zilke in task 316955 March 18, 2023 Pavel Zilke - New version 9.5.12 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2023-22722 : XSS on browse views + CVE-2023-22725 : XSS on...
CVE-2022-41941
GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may store malicious code in help links. This issue is patched in 10.0.6...
CVE-2022-41941 glpi contains XSS Stored inside Standard Interface Help Link href attribute
GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may store malicious code in help links. This issue is patched in 10.0.6...
CVE-2022-41941
CVE-2022-41941 affects GLPI: versions 10.0.0 through 10.0.5 are vulnerable to a stored Cross-site Scripting (XSS) flaw in help links, enabling an administrator to store malicious code. Root cause: improper handling of help links allowing stored scripts. Impact: potential theft or manipulation of ...