Vulnerability Details CVE-2007-1788
Flyspray 0.9.9, when output_buffering is disabled or "set to a low value," allows remote attackers to bypass authentication via a crafted post request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.4%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/24702
- http://www.flyspray.org/fsa:1
- http://www.securityfocus.com/bid/23214
- http://www.vupen.com/english/advisories/2007/1181
- http://secunia.com/advisories/24702
- http://www.flyspray.org/fsa:1
- http://www.securityfocus.com/bid/23214
- http://www.vupen.com/english/advisories/2007/1181