Описание
GLPI is a free asset and IT management software package. From 11.0.0, < 11.0.3, an unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 11.0.3.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| glpi | removed | package |
Примечания
https://github.com/glpi-project/glpi/security/advisories/GHSA-p467-682w-9cc9
EPSS
Связанные уязвимости
GLPI is a free asset and IT management software package. From 11.0.0, < 11.0.3, an unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 11.0.3.
GLPI is a free asset and IT management software package. From 11.0.0, < 11.0.3, an unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 11.0.3.
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры запроса sql, позволяющая нарушителю выполнить произвольный код
EPSS