SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and usertype=Administrator.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Saleslogix | Best_software | * | * |
Saleslogix | Saleslogix_corporation | 2000.0 (including) | 2000.0 (including) |