Janosvaszi

**Name of the Vulnerable Software and Affected Versions** GLPI versions prior to 9.5.7 **Description** The issue is related to reflected cross-site scripting in GLPI, a free asset and IT management software package. This can allow a remote attacker to perform cross-site scripting attacks by exploiting the lack of protection measures for the web page structure. There are no known workarounds for this issue. **Recommendations** For versions prior to 9.5.7, update to version 9.5.7 to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable web pages or modules until the patch is applied.