First published: Thu Nov 03 2022(Updated: )
GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Authenticated users may store malicious code in their account information. This issue has been patched, please upgrade to version 10.0.4. There are currently no known workarounds.
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
GLPI-PROJECT GLPI | >=0.70<10.0.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
GLPI stands for Gestionnaire Libre de Parc Informatique. It is a Free Asset and IT Management Software package.
The vulnerability ID for GLPI is CVE-2022-39372.
The severity of CVE-2022-39372 is medium with a CVSS score of 5.4.
The affected software versions of CVE-2022-39372 are GLPI versions 0.70 to 10.0.4.
To fix the vulnerability CVE-2022-39372 in GLPI, you should update to the latest patched version provided by the GLPI project.