Reflected XSS Vulnerability in GLPI IT Management Software
CVE-2024-43418
6.1MEDIUM
What is CVE-2024-43418?
A reflected XSS vulnerability exists in the GLPI IT management software, allowing an unauthenticated attacker to exploit this weakness. By crafting a malicious link, an attacker could trick a GLPI technician into clicking it, potentially executing arbitrary JavaScript in the context of the user's session. It is crucial for users to upgrade to version 10.0.17 or later to mitigate this risk and enhance the security of their GLPI environment.