Date: Tue, 19 Apr 2016 14:57:56 +0100 From: Fábio Pires <mail@...iopires.pt> To: oss-security@...ts.openwall.com Subject: CVE Request: Insecure Direct Object Reference in OSTicket attachments Hey guys, Can you assign a CVE ID for this Insecure Direct Object Reference in OSTicket attachments ? https://labs.integrity.pt/advisories/insecure-direct-object-reference-in-osticket-attachments/ References: https://github.com/osTicket/osTicket-1.8/issues/2615 https://github.com/osTicket/osTicket-1.8/pull/2618 Regards -- -- *Fábio Pires* *Country*: Portugal *www.fabiopires.pt <http://www.fabiopires.pt/>**<https://www.linkedin.com/in/fabiolspires>* == This email was signed automatically with PGP. If you want to exchange encrypted messages, please search for my PGP key: *Key*: 0x33524373 Content of type "text/html" skipped Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ