Upstream released GLPI 0.83.3 [1] which fixes a CSRF flaw (CVE-2012-4002) [2],[3] fixed in r18770 [4]  and some XSS flaws (CVE-2012-4003) [4].

Patches are referenced in the noted bug reports.

[1] https://forge.indepnet.net/projects/glpi/versions/771
[2] https://forge.indepnet.net/issues/3704
[3] https://forge.indepnet.net/issues/3707
[4] https://forge.indepnet.net/issues/3705