ROS-20240812-06

2024-08-12 00:00:00
redos.red-soft.ru
3
glpi, asset management, data center, vulnerability, remote attack, xss, sql injection, file permissions, access control, authentication flaw, privilege escalation, unix

CVSS3: 9.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 7.3
Confidence: Low

A vulnerability in the GLPI asset and data center management software is related to
the insertion of a malicious link by an unauthenticated user. Exploitation of the vulnerability could
allow an attacker acting remotely to conduct an XSS attack.

A vulnerability in the GLPI request, incident and computer hardware inventory system is related to
a failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker
acting remotely to execute arbitrary code.

A vulnerability in the GLPI asset and data center management software is related to
improper verification of the file permissions available to an authenticated user. Exploitation
of the vulnerability could allow an attacker acting remotely to obtain sensitive information.

A vulnerability in the GLPI computer equipment request, incident and inventory system is related to
access control weaknesses. Exploitation of the vulnerability could allow an intruder acting
remotely to modify or view control panel data.

A vulnerability in the GLPI computer equipment request, incident and inventory system is related to
flaws in the authentication procedure. Exploitation of the vulnerability could allow an intruder acting
remotely to disclose protected information.

A vulnerability in the GLPI asset and data center management software is related to
improper verification of the file permissions available to an authenticated user. Exploitation
of the vulnerability could allow an attacker acting remotely to escalate their privileges.

OS | Version | Architecture | Package | Version | Filename
redos | 7.3 | x86_64 | glpi | < 10.0.10-1 | UNKNOWN
