Описание
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.19.
Уязвимые конфигурации
Конфигурация 1Версия от 9.5.0 (включая) до 10.0.19 (исключая)
cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00034
Низкий
4.5 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.5
ubuntu
около 1 месяца назад
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project's kanban. This is fixed in version 10.0.19.
CVSS3: 4.5
debian
около 1 месяца назад
GLPI is a Free Asset and IT Management Software package, Data center m ...
EPSS
Процентиль: 8%
0.00034
Низкий
4.5 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79