The Authen::ExternalAuth extension before 0.11 for Best Practical Solutions RT allows remote attackers to obtain a logged-in session via unspecified vectors related to the URL of a RSS feed of the user.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Rt-authen-externalauth | Ubuntu | quantal | * |
Rt-authen-externalauth | Ubuntu | raring | * |
Rt-authen-externalauth | Ubuntu | saucy | * |
Rt-authen-externalauth | Ubuntu | upstream | * |
Rt-authen-externalauth | Ubuntu | utopic | * |
Rt-authen-externalauth | Ubuntu | vivid | * |
Rt-authen-externalauth | Ubuntu | wily | * |