Lucene search
PRIOn knowledge basePRION:CVE-2023-22722HistoryJan 26, 2023 - 9:18 p.m.
Cross site scripting
2023-01-2621:18:00
PRIOn knowledge base
www.prio-n.com
2
glpi
it management
cross-site scripting
vulnerability
version 9.4.0
version 10.0.6
exploitation
session cookies
0.001 Low
EPSS
Percentile
27.3%
GLPI is a Free Asset and IT Management Software package. Versions 9.4.0 and above, prior to 10.0.6 are subject to Cross-site Scripting. An attacker can persuade a victim into opening a URL containing a payload exploiting this vulnerability. After exploited, the attacker can make actions as the victim or exfiltrate session cookies. This issue is patched in version 10.0.6.
Related
cvelist
cvelist
CVE-2023-22722 glpi subject to Cross-site Scripting (XSS) - Reflected
2023-01-25 05:58:01
osv
osv
CVE-2023-22722
2023-01-26 21:18:12
ubuntucve
ubuntucve
CVE-2023-22722
2023-01-26 00:00:00
nvd
nvd
CVE-2023-22722
2023-01-26 21:18:12
cve
cve
CVE-2023-22722
2023-01-26 21:18:12
altlinux
altlinux
Security fix for the ALT Linux 9 package glpi version 9.5.12-alt1
2023-03-29 00:00:00
Security fix for the ALT Linux 10 package glpi version 9.5.12-alt1
2023-03-22 00:00:00