{"id":435025,"date":"2024-11-06T12:33:29","date_gmt":"2024-11-06T12:33:29","guid":{"rendered":"https:\/\/glpi.instawp.xyz\/?p=435025"},"modified":"2025-06-16T13:13:48","modified_gmt":"2025-06-16T12:13:48","slug":"new-version-of-glpi-v10-0-17","status":"publish","type":"post","link":"https:\/\/www.glpi-project.org\/en\/new-version-of-glpi-v10-0-17\/","title":{"rendered":"New version of GLPI: v10.0.17"},"content":{"rendered":"<h2 class=\"wp-block-heading\">A new version of GLPI is available!<\/h2>\n<p>This version fixes some <strong>security issues<\/strong> that were recently discovered. <strong>Updating is recommended!<\/strong><\/p>\n<p><a href=\"https:\/\/github.com\/glpi-project\/glpi\/releases\/download\/10.0.17\/glpi-10.0.17.tgz\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>The GLPI version 10.0.17 archive<\/strong><\/a> is available on GitHub.<\/p>\n<p>Below is a list of security issues fixed in this version:<\/p>\n<ul class=\"wp-block-list\">\n<li>Session hijacking by an unauthenticated user (CVE-2024-50339)<\/li>\n<li>Account takeover via SQL injection (CVE-2024-40638)<\/li>\n<li>Email address enumeration by an unauthenticated user (CVE-2024-43416)<\/li>\n<li>Account takeover without privilege escalation via API (CVE-2024-47758)<\/li>\n<li>Account takeover via password reset feature (CVE-2024-47761)<\/li>\n<li>Account takeover via API (CVE-2024-47760)<\/li>\n<li>Unauthorized account deletion by an authenticated user (CVE-2024-48912)<\/li>\n<li>SQL injection by an authenticated user (CVE-2024-45608)<\/li>\n<li>SQL injection in the ticket form (CVE-2024-41679)<\/li>\n<li>Stored XSS in RSS feeds (CVE-2024-45611)<\/li>\n<li>Stored XSS in uploaded documents (CVE-2024-47759)<\/li>\n<li>Multiple reflected XSS (CVE-2024-43417, CVE-2024-43418, CVE-2024-45609, CVE-2024-45610, CVE-2024-41678)<\/li>\n<\/ul>\n<p>Many bug fixes have also been made, check the <strong><a href=\"https:\/\/github.com\/glpi-project\/glpi\/milestone\/68?closed=1\" target=\"_blank\" rel=\"noreferrer noopener\">changelog<\/a><\/strong> for more details.<\/p>\n<p>We thank everyone who contributed to this new version and more generally all those who regularly support the GLPI project.<\/p>\n<p>Best regards.<\/p>\n<h3 class=\"wp-block-heading\">Follow us on our social media to not miss anything!<\/h3>\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\"><div class=\"wp-block-button\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/linktr.ee\/GLPI_PROJECT\" target=\"_blank\" rel=\"noreferrer noopener\">Follow!<\/a><\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>A new version of GLPI is available! This version fixes some security issues that were recently discovered. Updating is recommended! The GLPI version 10.0.17 archive is available on GitHub. Below is a list of security issues fixed in this version: Many bug fixes have also been made, check the changelog for more details. We thank [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":435710,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[155],"tags":[],"class_list":["post-435025","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-versions"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/posts\/435025","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/comments?post=435025"}],"version-history":[{"count":1,"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/posts\/435025\/revisions"}],"predecessor-version":[{"id":436241,"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/posts\/435025\/revisions\/436241"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/media\/435710"}],"wp:attachment":[{"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/media?parent=435025"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/categories?post=435025"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.glpi-project.org\/en\/wp-json\/wp\/v2\/tags?post=435025"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}