3 matches found
Security fix for the ALT Linux 10 package glpi version 9.5.12-alt1
9.5.12-alt1 built March 22, 2023 Pavel Zilke in task 316955 March 18, 2023 Pavel Zilke - New version 9.5.12 - This release fixes several security issues that has been recently discovered. Update is recommended! - Security fixes: + CVE-2023-22722 : XSS on browse views + CVE-2023-22725 : XSS on...
CVE-2023-23610
GLPI is a Free Asset and IT Management Software package. Versions prior to 9.5.12 and 10.0.6 are vulnerable to Improper Privilege Management. Any user having access to the standard interface can export data of almost any GLPI item type, even those on which user is not allowed to access including...
CVE-2023-23610
CVE-2023-23610 affects GLPI; prior to 10.0.6 (and older) versions, users with access to the standard interface could export data from most GLPI item types regardless of permissions. The entry states the issue is patched in 10.0.6. Other connected advisories describe separate issues (SQLi, XSS, SS...