GLPI prior to 0.84.7 does not properly restrict access to cost information, which allows remote malicious users to obtain sensitive information via the cost criteria in the search bar.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
glpi-project glpi |