cvedb.io
CVE-2022-39372
LOW · CVSS 3.5
EPSS exploitation probability: 0%
Published 2022-11-03T16:15:10.210 · Last modified 2026-06-17T04:58:14.160

Summary

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Authenticated users may store malicious code in their account information. This issue has been patched, please upgrade to version 10.0.4. There are currently no known workarounds.

Affected products

glpi-project — glpi

Does this affect you?

Add your gear to cvedb and we'll alert you only when glpi-project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.