GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0.6, a malicious actor with knowledge of a user's credentials can bypass MFA and steal their account. Version 11.0.6 fixes the issue.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:NTeclib Edition Glpi
APPTeclib-Edition11.0.0 β 11.0.6 (bez)
Related vulnerabilities
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, lice...
GLPI is a free Asset and IT management software package. Starting in version 11.0.0 and prior to version 11.0....
RCE przez tworzenie dropdownΓ³w w pluginie Fields dla GLPI
GLPI is an open source IT Asset Management, issue tracking system and service desk system. The GLPI addressing...
An issue was discovered in the Teclib Fields plugin through 1.9.2 for GLPI. it allows SQL Injection via contai...