You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
cedric-anne
published
GHSA-2hcg-75jj-hghpSep 26, 2023
Package
glpi
(glpi)
Affected versions
>= 10.0.8
Patched versions
10.0.10
Description
Impact
The lack of path filtering on the GLPI URL may allow an attacker to transmit a malicious URL of login page that can be used to attempt a phishing attack on user credentials.
Patches
Upgrade to 10.0.10
For more information
If you have any questions or comments about this advisory, mail us at glpi-security@ow2.org.
Impact
The lack of path filtering on the GLPI URL may allow an attacker to transmit a malicious URL of login page that can be used to attempt a phishing attack on user credentials.
Patches
Upgrade to 10.0.10
For more information
If you have any questions or comments about this advisory, mail us at glpi-security@ow2.org.