CVE-2023-29006
CVE-2023-29006 affects the Order GLPI plugin. Versions 1.8.0 up to, but not including, 2.7.7 and 2.10.1 allow an authenticated user with access to the standard interface to craft a URL that can execute a system command. Patches exist in 2.7.7 and 2.10.1. A manual workaround is to delete the plugi...