CVE-2020-11036

MEDIUM Year: 2020
CVSS v3 Score
5.4
Medium
CVSS v2 Score
3.5
Low
Weakness Type
CWE-79
View all →

Vulnerability Description

In GLPI before version 9.4.6 there are multiple related stored XSS vulnerabilities. The package is vulnerable to Stored XSS in the comments of items in the Knowledge base. Adding a comment with content "<script>alert(1)</script>" reproduces the attack. This can be exploited by a user with administrator privileges in the User-Agent field. It can also be exploited by an outside party through the following steps: 1. Create a user with the surname `" onmouseover="alert(document.cookie)` and an empty first name. 2. With this user, create a ticket 3. As an administrator (or other privileged user) open the created ticket 4. On the "last update" field, put your mouse on the name of the user 5. The XSS fires This is fixed in version 9.4.6.

Related Vulnerabilities

CVE-2006-10001

MEDIUM
CVSS:5.4(Medium)

A vulnerability, which was classified as problematic, was found in Subscribe to Comments Plugin up to 2.0.7 on WordPress. This affects an unknown part of the file subscribe-to-comments.php. The manipu...

CWE-792006

CVE-2007-1679

MEDIUM
CVSS:5.4(Medium)

Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware Webmail 1.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in (1) imp/search.php...

CWE-792007

CVE-2010-10008

MEDIUM
CVSS:5.4(Medium)

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in simplesamlphp simplesamlphp-module-openidprovider up to 0.8.x. It has been declared as problematic. Affected by this vulnerability is an un...

CWE-792010

CVE-2010-3659

MEDIUM
CVSS:5.4(Medium)

Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject...

CWE-792010

CVE-2010-3660

MEDIUM
CVSS:5.4(Medium)

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.

CWE-792010

CVE-2010-3665

MEDIUM
CVSS:5.4(Medium)

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager.

CWE-792010
\" reproduces the attack. This can be exploited by a user with administrator privileges in the User-Agent field. It can also be exploited by an outside party through the following steps: 1. Create a user with the surname `\" onmouseover=\"alert(document.cookie)` and an empty first name. 2. With this user, create a ticket 3. As an administrator (or other privileged user) open the created ticket 4. On the \"last update\" field, put your mouse on the name of the user 5. The XSS fires This is fixed in version 9.4.6." } }, { "@type": "Question", "name": "How severe is CVE-2020-11036?", "acceptedAnswer": { "@type": "Answer", "text": "This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10." } }, { "@type": "Question", "name": "What type of vulnerability is CVE-2020-11036?", "acceptedAnswer": { "@type": "Answer", "text": "This is classified as CWE-79, which is a common weakness in software security." } } ] }