Lucene search
K

4 matches found

NVD
NVD
added 2019/07/15 6:15 p.m.17 views

CVE-2019-1010307

GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting XSS. The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens...

5.4CVSS5.5AI score0.0076EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2019/07/15 6:15 p.m.31 views

CVE-2019-1010307

GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting XSS. The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens...

5.4CVSS6.1AI score0.0076EPSS
Exploits1References3
Cvelist
Cvelist
added 2019/07/15 5:5 p.m.21 views

CVE-2019-1010307

GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting XSS. The impact is: All dropdown values are vulnerable to XSS leading to privilege escalation and executing js on admin. The component is: /glpi/ajax/getDropDownValue.php. The attack vector is: 1- User Create a ticket , 2- Admin opens...

5.5AI score0.0076EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2019/07/12 6:15 p.m.34 views

CVE-2019-1010310

GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection allowing admins to phish users by putting code in reminder description. The impact is: Admins can phish any user or group of users for credentials / credit cards. The component is: Tools Reminder Description .. Set the...

3.5CVSS5.9AI score0.00718EPSS
Exploits0References3
Rows per page
Query Builder