Описание
GLPI is a free asset and IT management software package. From version 0.85 to before 10.0.23, an authenticated user can perform a SQL injection. This issue has been patched in version 10.0.23.
Ссылки
- ProductRelease Notes
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 0.85 (включая) до 10.0.23 (исключая)
cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00044
Низкий
6.5 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 6.5
ubuntu
около 2 месяцев назад
GLPI is a free asset and IT management software package. From version 0.85 to before 10.0.23, an authenticated user can perform a SQL injection. This issue has been patched in version 10.0.23.
CVSS3: 6.5
debian
около 2 месяцев назад
GLPI is a free asset and IT management software package. From version ...
EPSS
Процентиль: 13%
0.00044
Низкий
6.5 Medium
CVSS3
8.8 High
CVSS3
Дефекты
CWE-89