CVE-2023-28633 – GLPI vulnerable to Blind Server-Side Request Forgery (SSRF) in RSS feeds
https://notcve.org/view.php?id=CVE-2023-28633
GLPI is a free asset and IT management software package. Starting in version 0.84 and prior to versions 9.5.13 and 10.0.7, usage of RSS feeds is subject to server-side request forgery (SSRF). In case the remote address is not a valid RSS feed, an RSS autodiscovery feature is triggered. This feature does not check safety or URLs. Versions 9.5.13 and 10.0.7 contain a patch for this issue. • https://github.com/glpi-project/glpi/commit/e2819da64c9075050805a44c834e1f4dc621a982 https://github.com/glpi-project/glpi/releases/tag/10.0.7 https://github.com/glpi-project/glpi/releases/tag/9.5.13 https://github.com/glpi-project/glpi/security/advisories/GHSA-r57v-j88m-rwwf • CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2023-28632 – GLPI vulnerable to account takeover by authenticated user
https://notcve.org/view.php?id=CVE-2023-28632
GLPI is a free asset and IT management software package. Starting in version 0.83 and prior to versions 9.5.13 and 10.0.7, an authenticated user can modify emails of any user, and can therefore takeover another user account through the "forgotten password" feature. By modifying emails, the user can also receive sensitive data through GLPI notifications. Versions 9.5.13 and 10.0.7 contain a patch for this issue. As a workaround, account takeover can be prevented by deactivating all notifications related to `Forgotten password? • https://github.com/glpi-project/glpi/releases/tag/10.0.7 https://github.com/glpi-project/glpi/releases/tag/9.5.13 https://github.com/glpi-project/glpi/security/advisories/GHSA-7pwm-pg76-3q9x • CWE-269: Improper Privilege Management •
CVE-2023-28639 – GLPI vulnerable to reflected Cross-site Scripting in search pages
https://notcve.org/view.php?id=CVE-2023-28639
GLPI is a free asset and IT management software package. Starting in version 0.85 and prior to versions 9.5.13 and 10.0.7, a malicious link can be crafted by an unauthenticated user. It will be able to exploit a reflected XSS in case any authenticated user opens the crafted link. This issue is fixed in versions 9.5.13 and 10.0.7. • https://github.com/glpi-project/glpi/releases/tag/10.0.7 https://github.com/glpi-project/glpi/releases/tag/9.5.13 https://github.com/glpi-project/glpi/security/advisories/GHSA-r93q-chh5-jgh4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-41941 – glpi contains XSS Stored inside Standard Interface Help Link href attribute
https://notcve.org/view.php?id=CVE-2022-41941
GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may store malicious code in help links. This issue is patched in 10.0.6. GLPI es un paquete gratuito de software de gestión de TI y activos. • https://github.com/glpi-project/glpi/security/advisories/GHSA-qqqm-7h6v-7cf4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-22725 – glpi vulnerable to XSS on external links
https://notcve.org/view.php?id=CVE-2023-22725
GLPI is a Free Asset and IT Management Software package. Versions 0.6.0 and above, prior to 10.0.6 are vulnerable to Cross-site Scripting. This vulnerability allow for an administrator to create a malicious external link. This issue is patched in 10.0.6. GLPI es un paquete gratuito de software de gestión de TI y activos. • https://github.com/glpi-project/glpi/security/advisories/GHSA-f5g6-fxrw-pfj7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •