OffSequence2d ago
⚠️ HIGH severity: CVE-2026-40108 impacts GLPI (11.0.0 – 11.0.6). Privileged technicians can inject XSS via ITIL cost fields. Upgrade to 11.0.7 to fix. No active exploits, but patching is critical. https://radar.offseq.com/threat/cve-2026-40108-cwe-79-improper-neutralization-of-i-b1d24331 #OffSeq #CVE202640108 #XSS #GLPI