VYPR

Ipl Web

by Icinga

Source repositories

CVEs (2)

  • CVE-2026-42224HigMay 8, 2026
    risk 0.42cvss 7.6epss 0.00

    ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared…

  • CVE-2024-41811LowAug 5, 2024
    risk 0.18cvss 3.9epss 0.00

    ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will be unaffected by this once `icinga-php-library` is…