GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. A logged user from any profile can hijack the Kanban feature to alter any user field, and end-up with stealing its account. Users are advised to upgrade to version 10.0.10. There are no known workarounds for this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-09-26T22:40:49.778Z
Updated: 2024-08-02T19:01:33.619Z
Reserved: 2023-08-28T16:56:43.366Z
Link: CVE-2023-41326
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-27T15:19:29.917
Modified: 2023-09-29T18:10:09.020
Link: CVE-2023-41326
Redhat
No data.