CVE-2010-2116

The affected product is McAfee Email Gateway (formerly IronMail) version 6.7.1. The vulnerability is in the web interface, where remote authenticated users with only Read privileges can gain Write privileges by sending a direct request to admin/systemWebAdminConfig.do via the save action, allowin...