CVE-2022-34126

Name of the Vulnerable Software and Affected Versions GLPI Activity plugin versions prior to 3.1.1

Description The issue allows reading local files via directory traversal in the "front/cra.send.php" file parameter. This can potentially lead to unauthorized access to sensitive information.

Recommendations For versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "front/cra.send.php" file to minimize the risk of exploitation.