UBUNTU-CVE-2020-11036

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2020-11036
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-11036.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-11036
Related
Published
2020-05-05T22:15:00Z
Modified
2025-01-13T10:22:11Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "<script>alert(1)</script>" reproduces the attack. This can be exploited by a user with administrator privileges in the User-Agent field. It can also be exploited by an outside party through the following steps: 1. Create a user with the surname " onmouseover="alert(document.cookie) and an empty first name. 2. With this user, create a ticket 3. As an administrator (or other privileged user) open the created ticket 4. On the "last update" field, put your mouse on the name of the user 5. The XSS fires This is fixed in version 9.4.6.

References

Affected packages

Ubuntu:Pro:16.04:LTS / glpi

Package

Name
glpi
Purl
pkg:deb/ubuntu/glpi@0.84.8+dfsg.1-1ubuntu1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.84.8+dfsg.1-1
0.84.8+dfsg.1-1ubuntu1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}