GLPI before 9.1.5 allows SQL injection via an ajax/getDropdownValue.php request with an entity_restrict parameter that is not a list of integers.Referenceshttps://github.com/glpi-project/glpi/issues/2456https://github.com/glpi-project/glpi/releases/tag/9.1.5
