CVE-2020-11032

Publication date

2020-05-05 21:05:12

Family

GitHub_M

State

PUBLISHED

Description

In GLPI before version 9.4.6, there is a SQL injection vulnerability for all helpdesk instances. Exploiting this vulnerability requires a technician account. This is fixed in version 9.4.6.