RSS   Vulnerabilities for 'Kintai kanri'   RSS

2012-11-08
 
CVE-2012-4021

 

 
MosP kintai kanri before 4.1.0 does not properly perform authentication, which allows remote authenticated users to impersonate arbitrary user accounts, and consequently obtain sensitive information or modify settings, via unspecified vectors.

 
 
CVE-2012-4020

 

 
MosP kintai kanri before 4.1.0 does not enforce privilege requirements, which allows remote authenticated users to read other users' information via unspecified vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top