Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
4DescriptionGitHub Advisory
Escalade GLPI plugin is a ticket escalation process helper for GLPI. Prior to version 2.9.11, there is an improper access control vulnerability. This can lead to data exposure and workflow disruptions. This issue has been patched in version 2.9.11.
AnalysisAI
A security vulnerability in is a ticket escalation process helper for GLPI. (CVSS 6.5). Remediation should follow standard vulnerability management procedures.
Technical ContextAI
CWE-284 (Improper Access Control). Affects is a ticket escalation process helper for GLPI..
RemediationAI
Monitor vendor channels for patch availability.
Same weakness CWE-284 – Improper Access Control
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-19663