
We found results for “”
CVE-2025-26626
Date: March 14, 2025
The GLPI Inventory Plugin handles various types of tasks for GLPI agents for the GLPI asset and IT management software package. Versions prior to 1.5.0 are vulnerable to reflective cross-site scripting, which may lead to executing javascript code. Version 1.5.0 fixes the issue.
Severity Score
Related Resources (4)
Severity Score
Weakness Type (CWE)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-79CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |