FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GLPI -- multiple vulnerabilities

Affected packages
		glpi	<	10.0.15,1

Details

VuXML ID	5da8b1e6-0591-11ef-9e00-080027957747
Discovery	2024-04-03
Entry	2024-04-28

GLPI team reports:

GLPI 10.0.15 Changelog

[SECURITY - high] Authenticated SQL injection from map search (CVE-2024-31456)

[SECURITY - high] Account takeover via SQL Injection in saved searches feature (CVE-2024-29889)

[source]

References

CVE Name	CVE-2024-29889
CVE Name	CVE-2024-31456
URL	https://github.com/glpi-project/glpi/releases/tag/10.0.15