{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T02:47:47.674","vulnerabilities":[{"cve":{"id":"CVE-2026-23489","sourceIdentifier":"security-advisories@github.com","published":"2026-03-16T18:16:06.800","lastModified":"2026-06-17T10:21:40.833","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Prior to version 1.23.3, it is possible to execute arbitrary PHP code from users that are allowed to create dropdowns. This issue has been patched in version 1.23.3."},{"lang":"es","value":"Fields es un plugin de GLPI que permite a los usuarios añadir campos personalizados en los formularios de elementos de GLPI. Antes de la versión 1.23.3, es posible ejecutar código PHP arbitrario por parte de usuarios que tienen permiso para crear desplegables. Este problema ha sido parcheado en la versión 1.23.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pluginsGLPI","product":"fields","versions":[{"version":"< 1.23.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-16T17:46:27.792352Z","id":"CVE-2026-23489","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:teclib-edition:fields:*:*:*:*:*:glpi:*:*","versionEndExcluding":"1.23.3","matchCriteriaId":"D8D41280-4949-46CA-94DE-B0A44A836D0E"}]}]}],"references":[{"url":"https://github.com/pluginsGLPI/fields/releases/tag/1.23.3","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/pluginsGLPI/fields/security/advisories/GHSA-rj7q-mmx9-fhq7","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}