CVE-2026-5385 - Vulnerability Details - OpenCVE

An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item. This issue affects glpi: before 11.0.7.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction Active

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://fluidattacks.com/es/advisories/bizkit
https://github.com/glpi-project/glpi
https://github.com/glpi-project/glpi/releases/tag/11.0.7
https://github.com/glpi-project/glpi/security/advisories/GHSA-2fg5-jg72-h338

History

Wed, 03 Jun 2026 02:30:00 +0000

Type	Values Removed	Values Added
Description		An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item. This issue affects glpi: before 11.0.7.
Title		GLPI 11.0.0 - Stored XSS in knowledge base
Weaknesses		CWE-79
References		https://fluidattacks.com/es/advisories/bizkit https://github.com/glpi-project/glpi https://github.com/glpi-project/glpi/releases/tag/11.0.7 https://github.com/glpi-project/glpi/security/advisories/GHSA-2fg5-jg72-h338
Metrics		cvssV4_0 `{'score': 8.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: Fluid Attacks

Published: 2026-06-02T18:32:01.150Z

Updated: 2026-06-02T18:32:01.150Z

Reserved: 2026-04-01T20:34:27.215Z

Link: CVE-2026-5385

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-06-02T20:16:40.840

Modified: 2026-06-02T20:16:40.840

Link: CVE-2026-5385

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5385", "assignerOrgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869", "state": "PUBLISHED", "assignerShortName": "Fluid Attacks", "dateReserved": "2026-04-01T20:34:27.215Z", "datePublished": "2026-06-02T18:32:01.150Z", "dateUpdated": "2026-06-02T18:32:01.150Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869", "shortName": "Fluid Attacks", "dateUpdated": "2026-06-02T18:32:01.150Z"}, "title": "GLPI 11.0.0 - Stored XSS in knowledge base", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-79", "description": "CWE-79 Improper neutralization of input during web page generation ('cross-site scripting')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "affected": [{"vendor": "glpi-project", "product": "glpi", "platforms": ["Windows", "MacOS", "Linux"], "versions": [{"status": "affected", "version": "0", "lessThan": "11.0.7", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item.\n\n\nThis issue affects glpi: before 11.0.7.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item.<div><br><p>This issue affects glpi: before 11.0.7.</p></div>"}]}], "references": [{"url": "https://fluidattacks.com/es/advisories/bizkit", "tags": ["third-party-advisory"]}, {"url": "https://github.com/glpi-project/glpi", "tags": ["product"]}, {"url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-2fg5-jg72-h338", "tags": ["vendor-advisory"]}, {"url": "https://github.com/glpi-project/glpi/releases/tag/11.0.7", "tags": ["patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.4, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}], "credits": [{"lang": "en", "value": "Fluid Attacks' AI SAST Scanner", "type": "finder"}, {"lang": "en", "value": "Oscar Uribe", "type": "finder"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.2"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An unauthenticated user with write access to the knowledge base can store an XSS payload in a knowledge base item.\n\n\nThis issue affects glpi: before 11.0.7."}], "id": "CVE-2026-5385", "lastModified": "2026-06-02T20:16:40.840", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "help@fluidattacks.com", "type": "Secondary"}]}, "published": "2026-06-02T20:16:40.840", "references": [{"source": "help@fluidattacks.com", "url": "https://fluidattacks.com/es/advisories/bizkit"}, {"source": "help@fluidattacks.com", "url": "https://github.com/glpi-project/glpi"}, {"source": "help@fluidattacks.com", "url": "https://github.com/glpi-project/glpi/releases/tag/11.0.7"}, {"source": "help@fluidattacks.com", "url": "https://github.com/glpi-project/glpi/security/advisories/GHSA-2fg5-jg72-h338"}], "sourceIdentifier": "help@fluidattacks.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "help@fluidattacks.com", "type": "Primary"}]}