Information Disclosure Vulnerability in GLPI Asset Management Software
CVE-2024-43416
5.3MEDIUM
What is CVE-2024-43416?
GLPI, a free asset and IT management software package, is susceptible to an information disclosure vulnerability. This flaw enables unauthenticated users to utilize a specific application endpoint to determine whether an email address is associated with an existing GLPI user. Users of GLPI versions prior to 10.0.17 are advised to update to the latest version to mitigate this risk.