5 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-22722
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade...
Security fix for the ALT Linux 10 package glpi version 9.5.12-alt1
9.5.12-alt1 built March 22, 2023 Pavel Zilke in task 316955 March 18, 2023 Pavel Zilke - New version 9.5.12 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2023-22722 : XSS on browse views + CVE-2023-22725 : XSS on...
CVE-2023-22722
GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the...
CVE-2023-22722 glpi subject to Cross-site Scripting (XSS) - Reflected
GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the...
CVE-2023-22722
CVE-2023-22722 concerns GLPI (Free Asset and IT Management). Affected: GLPI versions 9.4.0 and above, prior to 10.0.6; vulnerability is Cross-site Scripting achievable when a user opens a crafted URL. Successful exploit enables actions as the victim or exfiltration of session cookies. The issue i...