CVE-2022-34126
on github
Published
Severity
CVSS v3:
7.5 HIGH
CVSS v2:
N/A
Description
The Activity plugin before 3.1.1 for GLPI allows reading local files via directory traversal in the front/cra.send.php file parameter.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:glpi-project:activity:*:*:*:*:*:glpi:*:* | n/a | 3.1.1 | * |