CVE-2022-34125
GLPI CMDB plugin vulnerability CVE-2022-34125 affects versions prior to 3.0.3 of the CMDB plugin for GLPI. The issue is in front/icon.send.php, where the file parameter can be used with a _log/ pathname to gain read access to sensitive information. Remediation per connected sources is to upgrade ...