CVE-2024-27756 Information

Description

An issue in GLPI v.10.0.12 and before allows a remote attacker to execute arbitrary code escalate privileges and obtain sensitive information via a crafted script to the title field.

Reference

https://medium.com/%40cristiansindile/formula-injection-in-glpi-cve-2024-27756-3649c7cca092