CVE-2026-25590
GLPI Inventory Plugin has Reflected XSS in task jobs
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
Affected products
glpi-project · glpi-inventory-pluginWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →