3 matches found
CVE-2014-6276
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details...
CVE-2014-6276
The CVE-2014-6276 entry corresponds to Roundup (web-based issue tracker) and affects versions before 1.5.1. The root cause is that schema.py does not properly restrict attributes in default user permissions, enabling remote authenticated users to view sensitive user details. Observed impact inclu...
[SECURITY] [DSA 3502-1] roundup security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3502-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez March 03, 2016 https://www.debian.org/security/faq -...