High severity8.8NVD Advisory· Published Nov 10, 2022· Updated Jun 17, 2026
CVE-2022-39398
CVE-2022-39398
Description
tasklists is a tasklists plugin for GLPI (Kanban). Versions prior to 2.0.3 are vulnerable to Cross-site Scripting. Cross-site Scripting (XSS) - Create XSS in task content (when add it). This issue is patched in version 2.0.3. There are no known workarounds.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <2.0.3
- Range: <2.0.3
- InfotelGLPI/tasklistsv5Range: < 2.0.3
Patches
Vulnerability mechanics
References
2- github.com/InfotelGLPI/tasklists/commit/4a1b30f3d9fa764695f98ce011c8542772530d47nvdPatchThird Party Advisory
- github.com/InfotelGLPI/tasklists/security/advisories/GHSA-3qv3-8393-777qnvdThird Party Advisory
News mentions
0No linked articles in our index yet.