Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 19 Apr 2016 14:57:56 +0100
From: Fábio Pires <mail@...iopires.pt>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Insecure Direct Object Reference in OSTicket attachments

Hey guys,

Can you assign a CVE ID for this Insecure Direct Object Reference in
OSTicket attachments ?

https://labs.integrity.pt/advisories/insecure-direct-object-reference-in-osticket-attachments/

References:

    https://github.com/osTicket/osTicket-1.8/issues/2615
    https://github.com/osTicket/osTicket-1.8/pull/2618


Regards
-- 
-- 
*Fábio Pires*
*Country*: Portugal
*www.fabiopires.pt
<http://www.fabiopires.pt/>**<https://www.linkedin.com/in/fabiolspires>*
==
This email was signed automatically with PGP. If you want to exchange
encrypted messages, please search for my PGP key:
*Key*: 0x33524373


Content of type "text/html" skipped

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ