It has been discovered that GLPI does not sanitize the profile picture name which can be used to inject malicious HTML and JavaScript code inside the page. If an administrator access the profile, it can be used to interact with the GLPI instance with the administrator profile and perform sensitive actions such as add the low privileges account to the Super-Admin group.
Tag: Stored Cross-Site Scripting
ASA-2019-00201 – Magento: Stored Cross-Site Scripting (XSS) in the Admin panel through the product configurations section
An authenticated user with privileges to the Admin product configurations section can use a Stored Cross-Site Scripting (XSS) vulnerability to embed malicious code.
ASA-2019-00200 – Magento: Stored Cross-Site Scripting (XSS) in the Admin Catalog configuration section
An authenticated user with privileges to the Admin **Products** > **Catalog** configuration section can use a Stored Cross-Site Scripting (XSS) vulnerability to embed malicious code.
ASA-2019-00198 – Magento: Stored Cross-Site Scripting (XSS) in the admin panel via the Attribute Label for Media Attributes section
An authenticated user with administrative privileges can embed malicious code in the Attribute Label for Media Attributes section in the admin panel.
ASA-2019-00197 – Magento: Stored Cross-Site Scripting (XSS) vulnerability in the Admin through the Checkbox Custom Option Value field
An authenticated user with privileges to the Checkbox Custom Option Value field on the Admin can use a Stored Cross-Site Scripting (XSS) vulnerability to embed malicious code.
ASA-2019-00196 – Magento: Stored Cross-Site Scripting (XSS) vulnerability in the Admin configuration area
An authenticated user with privileges to the Admin **Stores** > **Attributes** > **Product ** configuration area can use a Stored Cross-Site Scripting (XSS) vulnerability to embed malicious code.
ASA-2019-00195 – Magento: Stored Cross-Site Scripting (XSS) in the Admin through B2B packages
An authenticated user with privileges to the B2B packages through an unsanitized URL parameter can use a Stored Cross-Site Scripting (xSS) vulnerability to embed malicious code.