← back
CVE-2009-3251

CVE-2009-3251

EPSS 1.0%
include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence fields of a calendar via a custom view.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/36309http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/12407http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/4208http://www.osvdb.org/57241