| Max CVSS | 6.0 | Min CVSS | 6.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-11033 | 6.0 |
In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. The response contains: - All api_tokens which can be used to do privileges escalat
|
14-09-2021 - 14:09 | 05-05-2020 - 22:15 |