Unrated severityNVD Advisory· Published May 26, 2021· Updated Aug 3, 2024
CVE-2021-3486
CVE-2021-3486
Description
GLPi 9.5.4 does not sanitize the metadata. This way its possible to insert XSS into plugins to execute JavaScript code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- GLPi/GLPidescription
- Range: <=9.5.4
Patches
Vulnerability mechanics
References
3- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- github.com/Kitsun3Sec/exploits/tree/master/cms/GLPI/GLPI-stored-XSSmitrex_refsource_MISC
- n3k00n3.github.io/blog/09042021/glpi_xss.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.