Vulnerabilities

CVE-2025-27514

by Fred · 29/07/2025

GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In versions 9.5.0 through 10.0.18, a technician can use a malicious payload to trigger a stored XSS on the project’s kanban. This is fixed in version 10.0.19.

More information : https://github.com/glpi-project/glpi/commit/c340a64a11343bde706d1cd41e4be798dd922303

Similar

Tags: Cybersecurity Alert