CVE-2022-35914 Information

Description

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.

Reference

http://www.bioinformatics.org/phplabware/sourceer/sourceer.php?&Sfs=htmLawedTest.php&Sl=.%2Finternal_utilities%2FhtmLawed https://github.com/glpi-project/glpi/releases https://glpi-project.org/fr/glpi-10-0-3-disponible/