
We found results for “”
CVE-2025-21619
Good to know:

Date: March 18, 2025
GLPI is a free asset and IT management software package. An administrator user can perfom a SQL injection through the rules configuration forms. This vulnerability is fixed in 10.0.18.
Severity Score
Severity Score
Weakness Type (CWE)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CWE-89Top Fix

CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |