FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GLPI -- multiple vulnerabilities

Affected packages
		glpi	<	10.0.11,1

Details

VuXML ID	ed688880-00c4-11ef-92b7-589cfc023192
Discovery	2023-12-13
Entry	2024-04-22

GLPI team reports:

GLPI 10.0.11 Changelog

[SECURITY - moderate] Authenticated SQL Injection (CVE-2023-43813)

[SECURITY - high] SQL injection through inventory agent request (CVE-2023-46727)

[SECURITY - high] Remote code execution from LDAP server configuration form on PHP 7.4 (CVE-2023-46726)

[source]

References

CVE Name	CVE-2023-43813
CVE Name	CVE-2023-46726
CVE Name	CVE-2023-46727
URL	https://github.com/glpi-project/glpi/releases/tag/10.0.11