Skip to content

SQL injection on login page

Critical
trasher published GHSA-w2gc-v2gm-q7wq Jun 28, 2022

Package

GLPI (glpi)

Affected versions

>= 9.3.0

Patched versions

9.5.8, 10.0.2

Description

Impact

An SQL injection is possible on login page, without being logged in

Severity

Critical

CVE ID

CVE-2022-31061

Weaknesses

Credits