You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
cedric-anne
published
GHSA-gcj4-2cp3-6h5jMay 7, 2024
Package
glpi
(glpi)
Affected versions
>= 9.3.0
Patched versions
10.0.15
Description
Impact
An authenticated user can exploit a SQL injection vulnerability from map search.
This security issue can be exploited only if GLPI server is using PHP 7.4.
Patches
Upgrade to 10.0.15.
Workarounds
Upgrade to PHP >= 8.0.
For more information
If you have any questions or comments about this advisory, mail us at glpi-security@ow2.org.
BorelEnzo Reporter
Impact
An authenticated user can exploit a SQL injection vulnerability from map search.
This security issue can be exploited only if GLPI server is using PHP 7.4.
Patches
Upgrade to 10.0.15.
Workarounds
Upgrade to PHP >= 8.0.
For more information
If you have any questions or comments about this advisory, mail us at glpi-security@ow2.org.