-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Security: glpi-project/glpi
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Unauthenticated session hijacking (Leakymetry)GHSA-v977-g4r9-6r72 published
Dec 11, 2024 by cedric-anneCritical -
Insecure account deletion by authenticated userGHSA-vjmw-j32j-ph4f published
Dec 11, 2024 by cedric-anneHigh -
Account takeover via APIGHSA-r3mx-fr5f-gwgp published
Dec 11, 2024 by cedric-anneHigh -
Account takeover via the password reset featureGHSA-x794-564w-vgxx published
Dec 11, 2024 by cedric-anneHigh -
Stored XSS via document uploadGHSA-474f-9vpp-xxq5 published
Nov 15, 2024 by trasherModerate -
Account takeover without privilege escalation through the APIGHSA-3r4x-6pmx-phwr published
Dec 11, 2024 by cedric-anneHigh -
Authenticated SQL InjectionGHSA-67p8-v79j-jp86 published
Nov 15, 2024 by trasherModerate -
Users email enumeration by unauthenticated userGHSA-j8gc-xpgr-2ww7 published
Nov 18, 2024 by trasherHigh -
Reflected XSS in Software formGHSA-p633-wfj5-8x44 published
Nov 15, 2024 by trasherModerate -
Stored XSS in RSS feedsGHSA-j73h-x6j3-m479 published
Nov 15, 2024 by trasherModerate