1
Candidate: CVE-2016-7509
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7509
5
https://github.com/glpi-project/glpi/issues/2483
6
https://github.com/glpi-project/glpi/commit/fc9363360a12328057b69a29a9f233f0ab113bf4
8
Cross-site scripting (XSS) vulnerability in GLPI 0.90.4 allows remote
9
authenticated attackers to inject arbitrary web script or HTML by attaching
10
a crafted HTML file to a ticket.
13
sbeattie> same fix as CVE-2016-7507
16
Discovered-by: Eric Carter
20
upstream_glpi: needs-triage
22
trusty_glpi: needs-triage
23
vivid/ubuntu-core_glpi: DNE
24
xenial_glpi: needs-triage
25
yakkety_glpi: ignored (reached end-of-life)