Security Advisory

CVE-2022-39323

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-03 00:00:00

Last updated 2025-04-23 16:41:22

Assigner GitHub_M

State PUBLISHED

Description

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Time based attack using a SQL injection in api REST user_token. This issue has been patched, please upgrade to version 10.0.4. As a workaround, disable login with user_token on API Rest.

← Browse all CVEs View on cve.org ↗