CVE-2024-23645

Published February 1st, 2024

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

GLPI is a Free Asset and IT Management Software package. A malicious URL can be used to execute XSS on reports pages. Upgrade to 10.0.12.

glpi-project/glpi

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.

GitHub

6.04K