6.4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.174 Low
EPSS
Percentile
96.1%
inc/ticket.class.php in GLPI 0.83.9 and earlier allows remote attackers to
unserialize arbitrary PHP objects via the _predefined_fields parameter to
front/ticket.form.php.