cedric-anne
published
GHSA-52vv-hm4x-8584Apr 5, 2023
Package
plugin/fields
(glpi)
Affected versions
<= 1.20.3
Patched versions
1.13.1, 1.20.4
Description
Impact
Lack of access control check allows any authenticated user to write data to any fields container, including those to which they have no configured access.
Patches
Upgrade to 1.20.4.
For more information
If you have any questions or comments about this advisory, mail us at glpi-security@ow2.org.
Impact
Lack of access control check allows any authenticated user to write data to any fields container, including those to which they have no configured access.
Patches
Upgrade to 1.20.4.
For more information
If you have any questions or comments about this advisory, mail us at glpi-security@ow2.org.