GLPI up to 9.5.5 API REST injection
A vulnerability was found in GLPI up to 9.5.5 (Asset Management Software). It has been declared as critical. Affected by
GLPI up to 9.5.5 Autologin Cookie cookie without 'httponly' flag
A vulnerability, which was classified as problematic, was found in GLPI up to 9.5.5 (Asset Management Software). Affected is an
GLPI up to 9.5.5 cross-site request forgery [CVE-2021-39209]
A vulnerability classified as problematic was found in GLPI up to 9.5.5 (Asset Management Software). Affected by this vulnerability is
GLPI up to 9.5.6 Telemetry Endpoint ajax/telemetry.php information disclosure
A vulnerability was found in GLPI up to 9.5.6 (Asset Management Software). It has been rated as problematic. Affected by