3 matches found
CVE-2024-45611 GLPI has a stored XSS at src/RSSFeed.php
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can bypass the access control policy to create a private RSS feed attached to another user account and use a malicious payload t...
GLPI 跨站脚本漏洞
GLPI is an open source IT and asset management software from an individual developer. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and i...
PT-2024-10106 · Glpi +1 · Glpi +1
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.17 Description: The issue is related to the lack of protection of the web page structure in GLPI, allowing for a remote attacker to conduct a cross-site scripting XSS attack. An authenticated user can bypass access...