CVE-2026-13490

Authorization Bypass in GLPI Document Handler

Publication date: 2026-06-28

Last updated on: 2026-06-28

Assigner: VulDB

Description

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. It affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Manipulating the argument docid leads to an authorization bypass. The attack can be executed remotely. The attack has high complexity, and exploitation is indicated to be difficult. The vendor was contacted early about this disclosure.

Meta Information

Published: 2026-06-28
Last Modified: 2026-06-28
Generated: 2026-06-28
AI Q&A: 2026-06-28
EPSS Evaluated: N/A

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
glpi-project glpi 11.0.5
glpi-project glpi 11.0.6
glpi-project glpi 11.0.7

CWE
CWE ID Description
CWE-285 The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Impact Analysis

This vulnerability can allow an unauthorized remote attacker to bypass authorization controls and access documents that should be restricted.

Such unauthorized access could lead to exposure of sensitive or confidential information.

However, the attack has high complexity and is difficult to exploit, which may reduce the likelihood of successful exploitation.

Executive Summary

This vulnerability exists in glpi-project glpi versions 11.0.5, 11.0.6, and 11.0.7, specifically in the Document::canViewFile function within the front/document.send.php file of the Document Handler component.

The issue arises from manipulation of the argument 'docid', which leads to an authorization bypass, allowing an attacker to potentially view documents they should not have access to.

The attack can be executed remotely but is characterized by high complexity and difficult exploitability.
