GLPI: Security Patch Released for Delete User Account Vulnerability
CVE-2024-48912
8.1HIGH
What is CVE-2024-48912?
GLPI, an asset and IT management software, is susceptible to a serious flaw that permits an authenticated user to delete any user account via an application endpoint. This vulnerability affects versions 10.0.0 to 10.0.16, with version 10.0.17 incorporating a fix. It poses significant risks as it could lead to unauthorized account deletions, impacting user management and operational integrity.
Affected Version(s)
glpi >= 10.0.0, < 10.0.17