Published: 26/01/2023 Updated: 02/02/2023

CVSS v3 Base Score: 4.8 | Impact Score: 2.7 | Exploitability Score: 1.7

VMScore: 0

GLPI is a Free Asset and IT Management Software package. Versions 0.6.0 and above, before 10.0.6 are vulnerable to Cross-site Scripting. This vulnerability allow for an administrator to create a malicious external link. This issue is patched in 10.0.6.

Vulnerable Product	Search on Vulmon	Subscribe to Product
glpi-project glpi

Burp Plugin for Contrast Security

Burptrast Burptrast is designed to pull endpoint information from Teamserver and import it into Burp's sitemap The endpoints come from two sources Assess Vulnerability information Endpoints detected by the agent The full HTTP Request that generated the Vulnerability is stored in TS and is available via the API This is imported into Burp While there is likely to be

CWE-79 https://github.com/glpi-project/glpi/security/advisories/GHSA-f5g6-fxrw-pfj7 https://nvd.nist.gov https://github.com/Contrast-Security-OSS/Burptrast

CVE-2023-22725

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect