Primary

Context

GLPI Access to Unauthorized Information via External Links Vulnerability

Vulnerability

Patched

A vulnerability in GLPI versions 0.65 through 10.0.18 allows technicians to access information on items they are not authorized to view by using the external links feature. This issue has been addressed in version 10.0.19.

Impact

Exploitation of this vulnerability allows unauthorized access to information on items, bypassing established permissions.

Remediation

Users are advised to upgrade to GLPI version 10.0.19.

Added: Jul 30, 2025, 3:27 PM

Updated: Jul 30, 2025, 3:27 PM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

4.8

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

2.5

exploitability

4.8

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

GLPI Access to Unauthorized Information via External Links Vulnerability

Vulnerability

Impact

Remediation

Affected Products

GLPI

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating