CVE-2025-53008 Information

Description

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package that provides ITIL Service Desk features licenses tracking and software auditing. In versions 9.3.1 through 10.0.19 a connected user can use a malicious payload to steal mail receiver credentials. This is fixed in version 10.0.19.

Reference

https://github.com/glpi-project/glpi/security/advisories/GHSA-52h8-76ph-4j9q

Related CNNVD

CNNVD-202507-3775 (Published: 2025-07-30)