VYPR
Unrated severityNVD Advisory· Published Oct 7, 2020· Updated Aug 4, 2024

User data exposure in GLPI

CVE-2020-15217

Description

In GLPI before version 9.5.2, there is a leakage of user information through the public FAQ. The issue was introduced in version 9.5.0 and patched in 9.5.2. As a workaround, disable public access to the FAQ.

Affected products

2
  • Glpi Project/Glpillm-fuzzy2 versions
    <9.5.2+ 1 more
    • (no CPE)range: <9.5.2
    • (no CPE)range: >= 9.5.0, < 9.5.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.