Skip to content

Stored XSS on Kanban

Moderate
trasher published GHSA-33g2-m556-gccr Jun 9, 2022

Package

glpi (glpi)

Affected versions

10.0.0

Patched versions

10.0.1

Description

Impact

A user can exploit a XSS on Kanban by injecting HTML code in its user name.

Patches

Fixed in 10.0.1.

Severity

Moderate

CVE ID

CVE-2022-24876

Weaknesses