CVE-2026-22247

Name of the Vulnerable Software and Affected Versions GLPI versions 11.0.0 through 11.0.4

Description A GLPI administrator can perform Server-Side Request Forgery (SSRF) requests through the Webhook feature. This allows an attacker to potentially make requests on behalf of the server, accessing internal resources or performing actions with the server's privileges.

Recommendations Update to version 11.0.5 or later.