Package: phpgroupware-fudforum Version: 0.9.16.006-1 Severity: grave Tags: security Justification: user security hole
The Fudforum in egroupware is vulnerable to CAN-2005-2600: FUDForum 2.6.15 with "Tree View" enabled allows remote attackers to read private posts via a modified mid parameter. See http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0383.html -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
