CVE-2011-2720

N/A Unknown

Published: August 05, 2011 Modified: April 29, 2026

Description

The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063408.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063679.html

Source: secalert@redhat.com

http://secunia.com/advisories/45366

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/45542

Source: secalert@redhat.com

http://www.glpi-project.org/spip.php?page=annonce&id_breve=237&lang=en

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2012:014

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2011/07/25/7

Source: secalert@redhat.com

Patch

http://www.openwall.com/lists/oss-security/2011/07/26/11

Source: secalert@redhat.com

Patch

http://www.securityfocus.com/bid/48884

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=726185

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/issues/3017

Source: secalert@redhat.com

https://forge.indepnet.net/projects/glpi/repository/revisions/14951

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/repository/revisions/14952

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/repository/revisions/14954

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/repository/revisions/14955

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/repository/revisions/14956

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/repository/revisions/14957

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/repository/revisions/14958

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/repository/revisions/14960

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/repository/revisions/14966

Source: secalert@redhat.com

Patch

https://forge.indepnet.net/projects/glpi/versions/605

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063408.html