vulnerability
FreeBSD: VID-07AECAFA-3B12-11EB-AF2A-080027DBE4B7 (CVE-2020-11062): glpi -- Reflexive XSS in Dropdown menus
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | Mar 30, 2020 | Dec 12, 2020 | Dec 12, 2020 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
Mar 30, 2020
Added
Dec 12, 2020
Modified
Dec 12, 2020
Description
In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6.
Solution
freebsd-upgrade-package-glpi
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.