CVE-2011-4459

描述

Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.

受影響套件(1)

• Debian/request-tracker4from 0, < 4.0.5-3

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-4459