3 matches found
CVE-2023-35939
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.8, an incorrect rights check on a on a file accessible by an authenticated user or not for certain actions, allows a threat actor to interact, modify, or see Dashboard data. Version 10.0.8...
CVE-2023-35939
GLPI CVE-2023-35939 concerns an incorrect rights check in GLPI prior to version 10.0.8, affecting 9.5.0 and all versions before 10.0.8. A threat actor with authentication (or in some cases without) could interact with, modify, or view Dashboard data due to this rights check flaw. The patch is ava...
CVE-2023-35939 GLPI vulnerable to unauthorized access to Dashboard data
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.8, an incorrect rights check on a on a file accessible by an authenticated user or not for certain actions, allows a threat actor to interact, modify, or see Dashboard data. Version 10.0.8...