CVE-2022-39370

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-39370
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-39370.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-39370
Aliases
  • GHSA-6c2p-wgx9-vrjc
Published
2022-11-03T16:15:10Z
Modified
2024-05-29T21:34:56Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Connected users may gain access to debug panel through the GLPI update script. This issue has been patched, please upgrade to 10.0.4. As a workaround, delete the install/update.php script.

References

Affected packages

Git / github.com/glpi-project/glpi

Affected ranges

Type
GIT
Repo
https://github.com/glpi-project/glpi
Events