Guervild

**Name of the Vulnerable Software and Affected Versions** GLPI versions 0.80 through 10.0.16 **Description** GLPI is a free asset and IT management software package. The issue is related to incorrect access control, allowing an authenticated user to use an application endpoint to delete any user account. **Recommendations** For versions 0.80 through 10.0.16, update to version 10.0.17 to resolve the issue. As a temporary workaround, consider restricting access to the application endpoint that allows user account deletion until the update is applied.