Vulnerability Description
In GLPI before version 9.5.2, the `install/install.php` endpoint insecurely stores user input into the database as `url_base` and `url_base_api`. These settings are referenced throughout the application and allow for vulnerabilities like Cross-Site Scripting and Insecure Redirection Since authentication is not required to perform these changes,anyone could point these fields at malicious websites or form input in a way to trigger XSS. Leveraging JavaScript it's possible to steal cookies, perform actions as the user, etc. The issue is patched in version 9.5.2.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Glpi-Project | Glpi | < 9.5.2 |
Related Weaknesses (CWE)
References
- https://github.com/glpi-project/glpi/commit/a8109d4ee970a222faf48cf48fae2d2f0646PatchThird Party Advisory
- https://github.com/glpi-project/glpi/security/advisories/GHSA-prvh-9m4h-4m79Third Party Advisory
- https://github.com/glpi-project/glpi/commit/a8109d4ee970a222faf48cf48fae2d2f0646PatchThird Party Advisory
- https://github.com/glpi-project/glpi/security/advisories/GHSA-prvh-9m4h-4m79Third Party Advisory
FAQ
What is CVE-2020-15177?
CVE-2020-15177 is a vulnerability with a CVSS score of 8.0 (HIGH). In GLPI before version 9.5.2, the `install/install.php` endpoint insecurely stores user input into the database as `url_base` and `url_base_api`. These settings are referenced throughout the applicati...
How severe is CVE-2020-15177?
CVE-2020-15177 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-15177?
Check the references section above for vendor advisories and patch information. Affected products include: Glpi-Project Glpi.