You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Cross-Site Request Forgery (CSRF) vulnerability in GLPI 0.90.4 allows
remote authenticated attackers to submit a request which could lead to
the creation of an admin account in the application.
Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote
authenticated attackers to inject arbitrary web script or HTML by
attaching a crafted HTML file to a ticket.
Related CVE:
Thanks to Eric Carter (CS)
Should be already fixed by fc93633
The text was updated successfully, but these errors were encountered: