Flyspray 0.9.9, when output_buffering is disabled or set to a low value, allows remote attackers to bypass authentication via a crafted post request.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Flyspray |
Flyspray |
0.9.9 (including) |
0.9.9 (including) |
References