Update: GLPI 10.0.2

Update: GLPI 10.0.2

This is a security release, upgrading is recommended

Download it

A lot of issues have been fixed since GLPI 10.0.1 version.
Below, you’ll find a short list of key points of this release:

  • SECURITY] Unauthenticated SQL injection on login page (CVE-2022-31061)
  • [SECURITY] SQL injection on actor part in assistance forms (CVE-2022-31056)
  • [SECURITY] Unauthenticated Sensitive Data Exposure on Refused Inventory Files (CVE-2022-31068)
  • FIX adding actors to ITIL Objects (#11796#11957)
  • FIX unwanted “promote to ticket” feature on self-service interface (#11834)
  • FIX native inventory do not inject switch information (#11864)
  • FIX entity for software creation (#11887#11837)
  • FEAT permits global lock on entity (#11853)

The full changelog is available for more details.