vulnerability

FreeBSD: VID-07aecafa-3b12-11eb-af2a-080027dbe4b7 (CVE-2020-11062): glpi -- Reflexive XSS in Dropdown menus

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Mar 30, 2020

Added

Dec 12, 2020

Modified

Jun 15, 2026

Description

In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6.

Solution

freebsd-upgrade-package-glpi

References

CVE-2020-11062
https://attackerkb.com/topics/CVE-2020-11062
CWE-79
EUVD-EUVD-2020-3439
https://euvd.enisa.europa.eu/vulnerability/EUVD-2020-3439

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report