2 matches found
CVE-2014-2866
CommonSpot (PaperThin) before 7.0.2 and 8.x before 8.0.3 is vulnerable because access restrictions rely on client-side JavaScript, which can be bypassed by an attacker who can modify that code to perform operations that should be restricted. The Red Hat security entry documents the same descripti...
CVE-2014-2866
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on client JavaScript code for access restrictions, which allows remote attackers to perform unspecified operations by modifying this code...