Autocompletion Vulnerability in GLPI before 0.80.2

Autocompletion Vulnerability in GLPI before 0.80.2

CVE-2011-2720 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request.

Learn more about our User Device Pen Test.