CVE-2012-4003

Glpi < 0.83.2 - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI before 0.83.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.

References (4)

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2012:132

[Various Sources] https://forge.indepnet.net/projects/glpi/versions/771

[Issue Tracking] https://forge.indepnet.net/issues/3705

[Mailing List] http://www.openwall.com/lists/oss-security/2012/07/13/1

Scores

EPSS 0.0026

EPSS Percentile 48.7%

Details

CWE

CWE-79

Status published

Products (50)

glpi-project/glpi < 0.83.2

glpi-project/glpi

... and 40 more

Published Oct 09, 2012

Tracked Since Feb 18, 2026