PT-2011-43: Database information disclosure in Kayako Fusion
A vulnerability has been discovered in Kayako Fusion, which can be exploited by a malicious person with a 'staff' privileged user account. The vulnerability exists in the logic of report generation, which is based on Kayako Query Language KQL. An authorized 'staff' user can generate a report...