ROS-20230619-01

2023-06-19 00:00:00
redos.red-soft.ru

glpi, web application, vulnerability, injection, data manipulation, access control, privilege management

CVSS3: 10 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

EPSS: 0.001 Low
Percentile: 49.7%

The vulnerability in the GLPI web application is related to insufficient sanitization of user data in the
administration panel: a user can inject and execute arbitrary HTML and script code in a user’s browser
in the context of the vulnerable website. Exploitation of the vulnerability could allow a remote attacker
to steal potentially sensitive information, modify the appearance of a web page, and carry out phishing
and drive-by download attacks.

The vulnerability in the GLPI web application is due to insufficient sanitization of user data at the
GLPI inventory endpoint: an unauthenticated user can send a specially crafted query to the vulnerable
application and execute arbitrary SQL commands on the application’s database. Exploitation of the
vulnerability could allow a remote attacker to read, delete, or modify data in the database and gain
full control over the vulnerable application.

A vulnerability in the Fields plug-in of the GLPI web application is related to a lack of access control validation.
Exploitation of the vulnerability could allow an attacker to write data to any Fields container,
including those to which he or she does not have configured access.

The GLPI web application vulnerability is related to insufficient sanitization of user data when processing
external links: a user can inject and execute arbitrary HTML and script code in a user’s browser in the
context of the vulnerable website. Exploitation of the vulnerability could allow a remote attacker to
steal potentially sensitive information, modify the appearance of a web page, and carry out phishing
and drive-by download attacks.

The vulnerability in the GLPI web application is related to a lack of authorization that allows a user with the
“Technical Specialist” profile to view and generate a personal token for the super administrator.
Exploitation of the vulnerability could allow an attacker to negotiate a GLPI session and take over the
super administrator’s account.

The GLPI web application vulnerability involves improper privilege management: an authenticated
user can modify the email addresses of any other user of the application, including the
administrator’s email address. Exploitation of the vulnerability could allow an attacker
to hijack an arbitrary account by using the “forgotten password” feature and recovering the password
to the changed email address.

A vulnerability in the GLPI web application is related to insufficient validation of user-entered data in the
RSS autodiscovery function: a user could send a specially crafted HTTP request and trick the
application into initiating requests to arbitrary systems. Exploitation of the vulnerability could
allow a remote attacker to gain access to sensitive data located on the
local network or send malicious requests to other servers from the vulnerable system.

The GLPI web application vulnerability is related to insufficient sanitization of user data on search
pages: an attacker could force a victim to click on a specially crafted link and execute
arbitrary HTML and script code in the user’s browser in the context of the vulnerable website. Exploitation
of the vulnerability could allow a remote attacker to steal potentially confidential
information, change the appearance of a web page, and perform phishing and drive-by attacks.

The vulnerability in the GLPI web application is due to insufficient sanitization of user data at the
GLPI inventory endpoint: a user can send a specially crafted query to the affected application and
execute arbitrary SQL commands on the application’s database. Exploitation of the vulnerability could allow
a remote attacker to read, delete, or modify data in the database and gain full
control over the vulnerable application.

OS     Version  Architecture  Package  Version      Filename
redos  7.3      x86_64        glpi     <= 9.5.13-1  UNKNOWN
