CSRF protection can be bypassed at many places, once user is logged into GLPI. Malicious website is so able to perform many actions on GLPI.
Upgrade to 9.5.6
None.
Impact
CSRF protection can be bypassed at many places, once user is logged into GLPI.
Malicious website is so able to perform many actions on GLPI.
Patches
Upgrade to 9.5.6
Workarounds
None.