Our team discovered a CVE in a popular open-source ITSM and Service Center software GLPI. The vulnerability allows to remotely trigger certain initialization code.