A vulnerability labeled as problematic has been found in glpi-project glpi up to 11.0.6 . This affects an unknown part of the component Knowledge Base . Such manipulation leads to cross site scripting. This vulnerability is traded as CVE-2026-5385 . The attack may be launched remotely. There is no exploit available. The affected component should be upgraded.