Incorrect Access Control in I, Librarian Version 4.9 and Earlier: Unauthorized Access to Project Discussions

Incorrect Access Control in I, Librarian Version 4.9 and Earlier: Unauthorized Access to Project Discussions

CVE-2018-1000141 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in ajaxdiscussion.php that can result in any users gaining unauthorized access (read, write and delete) to project discussions.

Learn more about our User Device Pen Test.