CVE-2025-27153

medium

Description

Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11.

References

https://github.com/pluginsGLPI/escalade/security/advisories/GHSA-pvqv-8r3r-47m9

https://github.com/pluginsGLPI/escalade/releases/tag/2.9.11

Details

Source: Mitre, NVD

Published: 2025-07-01

Updated: 2025-07-03

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N