NuytsTech Security

CVE-2014-9324

by ·

The GenericInterface in OTRS Help Desk 3.2.x before 3.2.17, 3.3.x before 3.3.11, and 4.0.x before 4.0.3 allows remote authenticated users to access and modify arbitrary tickets via unspecified vectors.

Date published : 2014-12-19

http://advisories.mageia.org/MGASA-2015-0031.html

https://www.otrs.com/security-advisory-2014-06-incomplete-access-control/

Tags: