CVE-2019-12723

2019-07-10T13:15:00
ID CVE-2019-12723
Type cve
Reporter cve@mitre.org
Modified 2019-07-11T15:56:00

Description

An issue was discovered in the Teclib Fields plugin through 1.9.2 for GLPI. it allows SQL Injection via container_id and old_order parameters to ajax/reorder.php by an unauthenticated user.