Headline
CVE-2022-39398: Cross-site Scripting (XSS) - Create XSS in task content
tasklists is a tasklists plugin for GLPI (Kanban). Versions prior to 2.0.3 are vulnerable to Cross-site Scripting. Cross-site Scripting (XSS) - Create XSS in task content (when add it). This issue is patched in version 2.0.3. There are no known workarounds.
Package
Plugin Tasklists (GLPI)
Affected versions
< 2.0.3
Patched versions
2.0.3
Description
Impact
What kind of vulnerability is it? Who is impacted?
Cross-site Scripting (XSS) - Create XSS in task content (when add it)
Patches
Has the problem been patched? What versions should users upgrade to?
2.0.3
Workarounds
Is there a way for users to fix or remediate the vulnerability without upgrading?