Vulnerabilities

CVE-2020-27663

by Fred · 26/11/2020

In GLPI before 9.5.3, ajax/getDropdownValue.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any itemType (e.g., Ticket, Users, etc.).

Date published : 2020-11-26

https://github.com/glpi-project/glpi/security/advisories/GHSA-pqfv-4pvr-55r4

Similar

Tags: Cybersecurity Alert