Access Restriction Bypass Vulnerability in Review Board

Access Restriction Bypass Vulnerability in Review Board

CVE-2014-5028 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Original File and Patched File resources in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information from repository files by leveraging knowledge of database ids.

Learn more about our User Device Pen Test.