Glpi@9.4.0 Security Vulnerabilities and Issues — Glpi@9.4.0 CVE List

Lucene search

Glpi-projectGlpi9.4.0

2 matches found

CVE•added 2023/07/05 8:15 p.m.•115 views

CVE-2023-34244

GLPI is a free asset and IT management software package. Starting in version 9.4.0 and prior to version 10.0.8, a malicious link can be crafted by an unauthenticated user that can exploit a reflected XSS in case any authenticated user opens the crafted link. Users should upgrade to version 10.0.8 t...

6.5CVSS6.1AI score0.00736EPSS

CVE•added 2023/01/26 9:18 p.m.•54 views

CVE-2023-22722

GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the vict...

6.8CVSS6.1AI score0.00215EPSS