sirus . shahini Wed, 02 Dec 2015 09:40:48 -0800
The vulnerability resides in: mods/_standard/assignments/add_assignment.php at line 247 and the variable $assign_to.
The vendor failed to request a CVE number. So I decided to request one here.
