CVE-2019-10232

Teclib GLPI through 9.3.3 has SQL injection via the “cycle” parameter in /scripts/unlock_tasks.php.
Source: NIST
CVE-2019-10232