1 matches found
Code injection
Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFFLOGIN permission to obtain sensitive settings history information by leveraging listing of open-ils.pcrud as a controller in the IDL...