7 lines
No EOL
435 B
Text
7 lines
No EOL
435 B
Text
source: http://www.securityfocus.com/bid/10217/info
|
|
|
|
It has been reported that OpenBB is affected by a private message disclosure vulnerability. This issue is due to a design error that fails to validate user credentials.
|
|
|
|
This issue might allow an attacker to read arbitrary private messages posted to the bulletin board; limiting confidentiality.
|
|
|
|
http:/www.example.com/forum/myhome.php?action=readmsg&id=[message_id]&box=inbox |