CVE-2025-27153

Published: Jul 1, 2025Modified: Jul 3, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Exploitability: 3.9 / Impact: 2.5

Source: security-advisories@github.com (Secondary)

Description

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11.

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://github.com/pluginsGLPI/escalade/releases/tag/2.9.11

Source: security-advisories@github.com

https://github.com/pluginsGLPI/escalade/security/advisories/GHSA-pvqv-8r3r-47m9

Source: security-advisories@github.com

Timeline

No history available yet.