6 matches found
Security fix for the ALT Linux 9 package glpi version 9.5.10-alt1
Nov. 4, 2022 Pavel Zilke 9.5.10-alt1 - New version 9.5.10 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2022-39276 : Blind SSRF in RSS feeds and planning + CVE-2022-39372 : Stored XSS in user information +...
CVE-2022-39234
creationtimestamp| type| source ---|---|--- 2022-11-03 17:20:39+00:00| seen| https://t.me/cibsecurity/52505...
CVE-2022-39234
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Deleted/deactivated user could continue to use their account as long as its cookie is valid. This iss...
CVE-2022-39234
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Deleted/deactivated user could continue to use their account as long as its cookie is valid. This iss...
CVE-2022-39234
GLPI (Gestionnaire Libre de Parc Informatique) is affected by CVE-2022-39234: a deleted or deactivated user may continue to use their account while a valid session cookie exists. The remediation is to upgrade to GLPI 10.0.4 or later; no workaround is documented in the provided sources.
CVE-2022-39234 user session persists even after permanently deleting account in GLPI
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Deleted/deactivated user could continue to use their account as long as its cookie is valid. This iss...