PT-2025-31390 · Glpi · Glpi

Estevezsantos

Published

2025-07-30

Updated

2025-07-30

CVE-2025-53357

Report an issue

CVSS v3.1

5.4

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions:

GLPI versions 0.78 through 10.0.18

Description:

GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.78 through 10.0.18, a connected user can alter the reservations of another user.

Recommendations:

Update to version 10.0.19 or later.

Fix

IDOR

Weakness Enumeration

CWE-639

Related Identifiers

CVE-2025-53357

GHSA-X9MJ-822Q-6CF8

Affected Products

Glpi

PT-2025-31390 · Glpi · Glpi

Weakness Enumeration

Related Identifiers

Affected Products

References · 5