CVE-2020-11036

Name of the Vulnerable Software and Affected Versions GLPI versions prior to 9.4.6

Description The issue concerns stored XSS vulnerabilities in the comments of items in the Knowledge base. An attack can be reproduced by adding a comment with malicious content, such as <script>alert(1)</script>. This can be exploited by a user with administrator privileges in the User-Agent field. Additionally, an outside party can exploit this by creating a user with a specially crafted surname, onmouseover="alert(document.cookie), and then creating a ticket. When an administrator or privileged user opens the ticket and hovers over the user's name in the "last update" field, the XSS is triggered.

Recommendations For versions prior to 9.4.6, update to version 9.4.6 to resolve the issue. As a temporary workaround, consider restricting the ability to add comments in the Knowledge base or limiting user privileges to minimize the risk of exploitation. Avoid using the User-Agent field for malicious input until the issue is resolved.