We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
The attack need a logged account (a self-service profile is sufficient). You can read data from any itemtype of GLPI (Ticket, Users, etc)
Data sent contains only id and name fields of the objects
e0d6a24
If you have any questions or comments about this advisory: Email us at glpi-security@ow2.org
indevi0us Analyst
Impact
The attack need a logged account (a self-service profile is sufficient).
You can read data from any itemtype of GLPI (Ticket, Users, etc)
Data sent contains only id and name fields of the objects
Patches
e0d6a24
For more information
If you have any questions or comments about this advisory:
Email us at glpi-security@ow2.org