Cyber-Brent

**Name of the Vulnerable Software and Affected Versions** GLPI versions 10.0.0 through 10.0.10 **Description** The issue is related to the saved search feature in GLPI, which can be used to perform a SQL injection. This allows a remote attacker to execute arbitrary code. The vulnerability is due to the lack of protection of the SQL query structure. **Recommendations** For versions 10.0.0 through 10.0.10, update to version 10.0.11, which contains a patch for the issue. As a temporary workaround, consider restricting access to the saved search feature until the patch is applied.

**Name of the Vulnerable Software and Affected Versions** Leantime versions prior to 2.4-beta-4 **Description** Leantime is an open source project management system. A `userId` variable in `app/domain/files/repositories/class.files.php` is not parameterized. An authenticated attacker can send a carefully crafted POST request to "/api/jsonrpc" to exploit an SQL injection vulnerability. Confidentiality is impacted as it allows for dumping information from the database. **Recommendations** For versions prior to 2.4-beta-4, upgrade to version 2.4-beta-4 to address the issue. As a temporary workaround, consider restricting access to the `/api/jsonrpc` endpoint until the upgrade is applied. Additionally, avoid using the `userId` variable in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Leantime versions 2.3.21 and later **Description** The issue allows an authenticated user with commenting privileges to inject malicious Javascript into a comment. When the malicious comment is loaded in the browser by a user, the malicious Javascript code executes. **Recommendations** For Leantime versions 2.3.21 and later, at the moment, there is no information about a newer version that contains a fix for this vulnerability.