CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-33971 – Formcreator vulnerable to stored XSS from ##FULLFORM##
https://notcve.org/view.php?id=CVE-2023-33971
Formcreator is a GLPI plugin which allow creation of custom forms and the creation of one or more tickets when the form is filled. A probable stored cross-site scripting vulnerability is present in Formcreator 2.13.5 and prior via the use of the use of `##FULLFORM##` for rendering. This could result in arbitrary javascript code execution in an admin/tech context. A patch is unavailable as of time of publication. As a workaround, one may use a regular expression to remove `< > "` in all fields. • https://github.com/pluginsGLPI/formcreator/security/advisories/GHSA-777g-3848-8r3g • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-28855 – Fields GLPI plugin vulnerable to unauthorized write access to additional fields
https://notcve.org/view.php?id=CVE-2023-28855
Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to versions 1.13.1 and 1.20.4, lack of access control check allows any authenticated user to write data to any fields container, including those to which they have no configured access. Versions 1.13.1 and 1.20.4 contain a patch for this issue. • https://github.com/pluginsGLPI/fields/commit/784260be7db185bb1e7d66b299997238c4c0205d https://github.com/pluginsGLPI/fields/releases/tag/1.13.1 https://github.com/pluginsGLPI/fields/releases/tag/1.20.4 https://github.com/pluginsGLPI/fields/security/advisories/GHSA-52vv-hm4x-8584 • CWE-269: Improper Privilege Management •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-39190 – SCCM plugin for GLPI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
https://notcve.org/view.php?id=CVE-2021-39190
The SCCM plugin for GLPI is a plugin to synchronize computers from SCCM (version 1802) to GLPI. In versions prior to 2.3.0, the Configuration page is publicly accessible in read-only mode. This issue is patched in version 2.3.0. No known workarounds exist. El plugin de SCCM para GLPI es un plugin para sincronizar equipos de SCCM (versión 1802) con GLPI. • https://github.com/pluginsGLPI/sccm/commit/29a7f92d32a0cf9aa3f22c52c50b738274d2813e https://github.com/pluginsGLPI/sccm/security/advisories/GHSA-3324-57w6-jxcq • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 2CVE-2021-43779 – Remote Command Execution vulnerability
https://notcve.org/view.php?id=CVE-2021-43779
GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing plugin in versions < 2.9.1 suffers from authenticated Remote Code Execution vulnerability, allowing access to the server's underlying operating system using command injection abuse of functionality. There is no workaround for this issue and users are advised to upgrade or to disable the addressing plugin. GLPI es un sistema de administración de activos de TI de código abierto, un sistema de seguimiento de incidencias y un sistema de servicio técnico. El plugin de direccionamiento de GLPI en versiones anteriores a 2.9.1, sufre una vulnerabilidad de Ejecución de Código Remota autenticada, que permite acceder al sistema operativo subyacente del servidor mediante el abuso de inyección de comandos. • https://github.com/hansmach1ne/MyExploits/tree/main/RCE_GLPI_addressing_plugin https://github.com/pluginsGLPI/addressing/commit/6f55964803054a5acb5feda92c7c7f1d91ab5366 https://github.com/pluginsGLPI/addressing/security/advisories/GHSA-q5fp-xpr8-77jh • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2019-12724
https://notcve.org/view.php?id=CVE-2019-12724
An issue was discovered in the Teclib News plugin through 1.5.2 for GLPI. It allows a stored XSS attack via the $_POST['name'] parameter. Se detectó un problema en el plugin News de Teclib hasta la versión 1.5.2 para GLPI. Permite un ataque de tipo XSS almacenado por medio del parámetro $_POST['nombre']. • https://github.com/pluginsGLPI/news/blob/master/front/alert.form.php https://github.com/pluginsGLPI/news/pull/69 https://github.com/pluginsGLPI/news/releases/tag/1.5.3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •