Lucene search
+L

5 matches found

nessus
nessus
added 2025/09/10 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2023-22722

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade...

6.8CVSS6.6AI score0.00622EPSS
Exploits0References2
altlinux
altlinux
added 2023/03/22 12:0 a.m.66 views

Security fix for the ALT Linux 10 package glpi version 9.5.12-alt1

9.5.12-alt1 built March 22, 2023 Pavel Zilke in task 316955 March 18, 2023 Pavel Zilke - New version 9.5.12 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2023-22722 : XSS on browse views + CVE-2023-22725 : XSS on...

5.7AI score0.0073EPSS
Exploits0
nvd
nvd
added 2023/01/26 9:18 p.m.39 views

CVE-2023-22722

GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the...

6.8CVSS6.4AI score0.00622EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/01/25 5:58 a.m.8 views

CVE-2023-22722 glpi subject to Cross-site Scripting (XSS) - Reflected

GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the...

6.8CVSS6.6AI score0.00622EPSS
Exploits0References1
cve
cve
added 2023/01/25 5:58 a.m.72 views

CVE-2023-22722

CVE-2023-22722 concerns GLPI (Free Asset and IT Management). Affected: GLPI versions 9.4.0 and above, prior to 10.0.6; vulnerability is Cross-site Scripting achievable when a user opens a crafted URL. Successful exploit enables actions as the victim or exfiltration of session cookies. The issue i...

6.8CVSS6.1AI score0.00622EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder