Vulnerability CVE-2022-41941
Published: 2023-01-26

Description:
GLPI is a Free Asset and IT Management Software package. Versions 10.0.0 and above, prior to 10.0.6, are subject to Cross-site Scripting. An administrator may store malicious code in help links. This issue is patched in 10.0.6.

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/glpi-project/glpi/security/advisories/GHSA-qqqm-7h6v-7cf4
Copyright 2026, cxsecurity.com

 

Back to Top