Количество 5
Количество 5
CVE-2023-22722
GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the victim or exfiltrate session cookies. This issue is patched in version 10.0.6.
CVE-2023-22722
GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the victim or exfiltrate session cookies. This issue is patched in version 10.0.6.
CVE-2023-22722
GLPI is a Free Asset and IT Management Software package. Versions 9.4. ...
BDU:2024-05825
Уязвимость системы работы с заявками и инцидентами GLPI, связанная с неправильной нейтрализацией входных данных во время генерации веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
ROS-20240729-07
Множественные уязвимости glpi
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-22722 GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the victim or exfiltrate session cookies. This issue is patched in version 10.0.6. | CVSS3: 6.8 | 0% Низкий | почти 3 года назад |
 | CVE-2023-22722 GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the victim or exfiltrate session cookies. This issue is patched in version 10.0.6. | CVSS3: 6.8 | 0% Низкий | почти 3 года назад |
| CVE-2023-22722 GLPI is a Free Asset and IT Management Software package. Versions 9.4. ... | CVSS3: 6.8 | 0% Низкий | почти 3 года назад |
 | BDU:2024-05825 Уязвимость системы работы с заявками и инцидентами GLPI, связанная с неправильной нейтрализацией входных данных во время генерации веб-страницы, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS) | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
 | ROS-20240729-07 Множественные уязвимости glpi | CVSS3: 6.5 | больше 1 года назад |
Уязвимостей на страницу