GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may hack the dashboard form to store malicious code that will be executed when other users will use the related dashboard. Versions 9.5.13 and 10.0.7 contain a patch for this issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-04-05T17:45:30.721Z
Updated: 2024-08-02T13:51:38.940Z
Reserved: 2023-03-24T16:25:34.467Z
Link: CVE-2023-28852
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-04-05T18:15:08.520
Modified: 2023-04-12T16:12:20.340
Link: CVE-2023-28852
Redhat
No data.