2 matches found
CVE-2010-0215
ActiveCollab before 2.3.2 allows remote authenticated users to bypass intended access restrictions, and 1 delete an attachment or 2 subscribe to an object, via a crafted URL...
CVE-2010-0215
ActiveCollab prior to version 2.3.2 is affected by an access-control bypass vulnerability that allows remote authenticated users to perform unauthorized actions such as deleting an attachment or subscribing to an object by using a crafted URL. The issue appears to stem from improper access restri...