4 matches found
CVE-2009-5056
Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...
CVE-2009-5056
Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...
CVE-2009-5056
CVE-2009-5056 affects Open Ticket Request System (OTRS) prior to 2.4.0-beta2. The flaw is an improper enforcement of the queue move_into permission that allows remote authenticated users to bypass access controls and read a ticket by watching it, then selecting it from the watched-tickets list. T...
CVE-2009-5056
Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...