CVE Vulnerabilities

CVE-2009-3251

Published: Sep 18, 2009 | Modified: Nov 22, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

include/utils/ListViewUtils.php in vtiger CRM before 5.1.0 allows remote authenticated users to bypass intended access restrictions and read the (1) visibility, (2) location, and (3) recurrence fields of a calendar via a custom view.

Affected Software

Name Vendor Start Version End Version
Vtiger_crm Vtiger * 5.1.0

References