Glpi · Glpi · CVE-2026-25932
Name of the Vulnerable Software and Affected Versions
GLPI versions 0.60 through 10.0.23
Description
GLPI is an Asset and IT Management Software package. An authenticated technician user can store a cross-site scripting (XSS) payload in supplier fields. This allows for potential malicious code execution within the application.
Recommendations
Update to version 10.0.24 or later.