4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
18.0%
GLPI is open source software which stands for Gestionnaire Libre de Parc
Informatique and it is a Free Asset and IT Management Software package. In
GLPI before verison 9.5.4, there is a vulnerability within the document
upload function (Home > Management > Documents > Add, or
/front/document.form.php endpoint), indeed one of the form field: “Web
Link” is not properly sanitized and a malicious user (who has document
upload rights) can use it to deliver JavaScript payload. For example if you
use the following payload: " accesskey=“x” onclick=“alert(1)” x=", the
content will be saved within the database without any control. And then
once you return to the summary documents page, by clicking on the “Web
Link” of the newly created file it will create a new empty tab, but on the
initial tab the pop-up “1” will appear.
4.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
18.0%