CVE-2022-34126

InfotelGLPI/activity

on github

Published

April 16, 2023

Severity

CVSS v3:

7.5 HIGH

CVSS v2:

N/A

Description

The Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter.

References

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:glpi-project:activity::::::glpi::*	n/a	3.1.1	*

External Links

NVD - CVE-2022-34126