CVE-2012-2770

The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the "URL of a RSS feed of the user."
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:mike_peachey:authen\:\:externalauth:*:*:*:*:*:*:*:*
cpe:2.3:a:mike_peachey:authen\:\:externalauth:0.05:*:*:*:*:*:*:*
cpe:2.3:a:bestpractical:rt:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-08-15 21:55

Updated : 2024-02-28 12:00


NVD link : CVE-2012-2770

Mitre link : CVE-2012-2770

CVE.ORG link : CVE-2012-2770


JSON object : View

Products Affected

mike_peachey

  • authen\

bestpractical

  • rt
CWE
CWE-264

Permissions, Privileges, and Access Controls