CVE-2022-34125

Published April 16th, 2023

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access to sensitive information via a _log/ pathname in the file parameter.

InfotelGLPI/cmdb

CMDB plugin for GLPI

GitHub