Описание
GLPI is a Free Asset and IT Management Software package. Prior to 10.0.15, an authenticated user can exploit a SQL injection vulnerability in the saved searches feature to alter another user account data take control of it. This vulnerability is fixed in 10.0.15.
Ссылки
- Patch
- Vendor Advisory
- Patch
- Vendor Advisory
Уязвимые конфигурации
EPSS
7.1 High
CVSS3
8.1 High
CVSS3
Дефекты
Связанные уязвимости
GLPI is a Free Asset and IT Management Software package. Prior to 10.0.15, an authenticated user can exploit a SQL injection vulnerability in the saved searches feature to alter another user account data take control of it. This vulnerability is fixed in 10.0.15.
GLPI is a Free Asset and IT Management Software package. Prior to 10.0 ...
Уязвимость системы заявок, инцидентов и инвентаризации компьютерного оборудования GLPI, связанная с непринятием мер по защите структуры запроса SQL, позволяющая нарушителю выполнять произвольные SQL-запросы
EPSS
7.1 High
CVSS3
8.1 High
CVSS3