Open Redirect Vulnerability in GLPI by GLPI Project
CVE-2024-11955
5.3 MEDIUM
What is CVE-2024-11955?
GLPI versions up to 10.0.17 contain a vulnerability in the /index.php file. The 'redirect' argument is handled improperly, which allows a remote attacker to trigger an open redirect. Publicly disclosed exploits could be used, so users should upgrade to GLPI version 10.0.18 or later to mitigate this risk.
Affected Version(s)
GLPI 10.0.0
GLPI 10.0.1
GLPI 10.0.2