In GLPI before version 9.4.6, there is a vulnerability that allows bypassing the open redirect protection based which is based on a regexp. This is fixed in version 9.4.6.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
glpi-project glpi |