Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 26 Apr 2016 11:32:45 +0100
From: Fábio Pires <fp@...egrity.pt>
To: oss-security@...ts.openwall.com
Subject: CVE Request: Insecure Direct Object Reference in OSTicket (last
 versions availablle)

Hi,

Can i have a CVE ID assigned to this: "Insecure Direct Object Reference
in OSTicket attachments" ?

https://labs.integrity.pt/advisories/insecure-direct-object-reference-in-osticket-attachments/

References:

https://github.com/osTicket/osTicket-1.8/issues/2615
https://github.com/osTicket/osTicket-1.8/pull/2618

Regards


-- 

Fabio Pires
Pentesting Team

*INTEGRITY Portugal*

Av. João Crisóstomo, 30 5º
1050-127 | Lisboa* -* Portugal
Tel. +351 21 33 03 740 . Mob (+351) 93 65 50 016

www.integrity.pt <http://www.integrity.pt/> – www.keepitsecure24.com
<http://www.keepitsecure24.com/>


	

*INTEGRITY United Kingdom*

Suite 4B | 43 Berkeley Square

Mayfair, Westminster | London W1J 5FJ - UK





Content of type "text/html" skipped

Download attachment "logo_integrity.png" of type "image/png" (11151 bytes)

Download attachment "logos.png" of type "image/png" (28623 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.