2023-04-16 00:00:00
mitre
PUBLISHED
front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access to sensitive information via a _log/ pathname in the file parameter.