GLPI v9.5.2 Release Notes
Release Date: 2020-10-07 // over 3 years ago-
🚀 This is a security release, upgrading is highly recommended
🛠 Note: some of fixed vulnerabilities are present since a long time (0.68).
Non exhaustive list of changes:
- 🔒 [security] SQL injection with a query parameter of user form (CVE-2020-15176)
- 🔒 [security] Removal of
.htaccess
file in thefiles
folder via a plugin endpoint (CVE-2020-15175) - 🔒 [security] Leakage issue with knowledge base (CVE-2020-15217)
- 🔒 [security] Stored XSS in install script (CVE-2020-15177)
- 🔒 [security] Minor SQL Injection in
Search
API (CVE-2020-15226) - several mailgate issues
- several dashboards issues
- dashboards improvements: personnal filters , new summary and articles widgets, ...
- and more!
👀 See changelog for details.