CVSS 3.1 Score 8.8 of 10 (high)


Published Sep 27, 2023
Updated: Sep 29, 2023
CWE ID 269


CVE-2023-41326, also known as GLPI Kanban feature hijacking vulnerability, affects GLPI version 10.0.10 and earlier. This vulnerability allows any logged-in user to exploit the Kanban feature and modify user fields, potentially leading to account theft. There are no known workarounds for this issue, so users are advised to upgrade to version 10.0.10. The vulnerability has a CVSS base score of 8.8 (High severity) and poses a potential danger to organizations as it can result in unauthorized access and compromise of sensitive information.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-41326 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options