CVE-2020-15176 Information

Description

In GLPI before version 9.5.2 when supplying a back tick in input that gets put into a SQL querythe application does not escape or sanitize allowing for SQL Injection to occur. Leveraging this vulnerability an attacker is able to exfiltrate sensitive information like passwords reset tokens personal details and more. The issue is patched in version 9.5.2

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Reference

https://github.com/glpi-project/glpi/commit/f021f1f365b4acea5066d3e57c6d22658cf32575 https://github.com/glpi-project/glpi/security/advisories/GHSA-x93w-64x9-58qw

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

8.6