Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 26 Apr 2016 11:32:45 +0100
From: F=c3=a1bio Pires <fp@...egrity.pt>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Insecure Direct Object Reference in OSTicket (last
 versions availablle)

Hi,

Can i have a CVE ID assigned to this: "Insecure Direct Object Reference
in OSTicket attachments" ?

https://labs.integrity.pt/advisories/insecure-direct-object-reference-in-osticket-attachments/

References:

https://github.com/osTicket/osTicket-1.8/issues/2615
https://github.com/osTicket/osTicket-1.8/pull/2618

Regards


-- 

Fabio Pires
Pentesting Team

*INTEGRITY Portugal*

Av. João Crisóstomo, 30 5º
1050-127 | Lisboa* -* Portugal
Tel. +351 21 33 03 740 . Mob (+351) 93 65 50 016

www.integrity.pt <http://www.integrity.pt/> – www.keepitsecure24.com
<http://www.keepitsecure24.com/>


	

*INTEGRITY United Kingdom*

Suite 4B | 43 Berkeley Square

Mayfair, Westminster | London W1J 5FJ - UK





[ CONTENT OF TYPE text/html SKIPPED ]

[ CONTENT OF TYPE image/png SKIPPED ]

[ CONTENT OF TYPE image/png SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ