PT-2025-31227 · Glpi · Glpi

Cedric-Anne · Published 2025-07-29 · Updated 2025-07-29 · CVE-2025-27514

CVSS v3.1: 4.5
Vector: AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions:

GLPI versions 9.5.0 through 10.0.18

Description:

GLPI is an Asset and IT Management Software package. A technician can utilize a malicious payload to trigger a stored Cross-Site Scripting (XSS) issue on the project's kanban.

Recommendations:

Update to version 10.0.19 or later.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-27514
GHSA-JH8J-GQXC-6GQJ

Affected Products

Glpi