Vulnerability CVE-2021-21312: Information

Description

GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or /front/document.form.php endpoint), indeed one of the form field: "Web Link" is not properly sanitized and a malicious user (who has document upload rights) can use it to deliver JavaScript payload. For example if you use the following payload: " accesskey="x" onclick="alert(1)" x=", the content will be saved within the database without any control. And then once you return to the summary documents page, by clicking on the "Web Link" of the newly created file it will create a new empty tab, but on the initial tab the pop-up "1" will appear.

Severity: MEDIUM (4.8) Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2021-21312
Published: March 3, 2021
Modified: March 10, 2021
Error type identifier: CWE-79

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
glpisisyphus9.5.4-alt110.0.15-alt1ALT-PU-2021-1583-1268732Fixed
glpip109.5.4-alt110.0.15-alt1ALT-PU-2021-1583-1268732Fixed
glpip99.5.4-alt19.5.13-alt1ALT-PU-2021-1660-1269862Fixed
glpic10f19.5.4-alt110.0.15-alt1ALT-PU-2021-1583-1268732Fixed
glpic9f29.5.13-alt19.5.13-alt1ALT-PU-2024-8094-3348598Fixed
glpip119.5.4-alt110.0.15-alt1ALT-PU-2021-1583-1268732Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://github.com/glpi-project/glpi/security/advisories/GHSA-c7f6-3mr7-3rq2
  • Third Party Advisory
https://github.com/glpi-project/glpi/releases/tag/9.5.4
  • Release Notes
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*
      End excliding
      9.5.4
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top