Vulnerabilities > Glpi Project > Glpi > 9.3.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-04 | CVE-2019-13239 | Cross-site Scripting vulnerability in Glpi-Project Glpi inc/user.class.php in GLPI before 9.4.3 allows XSS via a user picture. | 6.1 |
| 2019-03-27 | CVE-2019-10233 | Information Exposure Through Discrepancy vulnerability in Glpi-Project Glpi Teclib GLPI before 9.4.1.1 is affected by a timing attack associated with a cookie. | 8.1 |