Forum Thread: Yazd Discussion Forum Two Security Bypass Issues

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
Yazd Discussion Forum Two Security Bypass Issues

Secunia Yazd Discussion Forum Two Security Bypass Issues
Secunia Official 26th Nov, 2010 02:19
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
Two security issues have been reported in Yazd Discussion Forum Software, which potentially can be exploited by malicious users to gain sensitive information and bypass security functionality.

1) Users with the permission to create messages in one forum could reply to messages in all forums.

2) An unspecified error in assembling permissions caused users to get more permissions for the forums than intended.

The security issues are reported in all versions prior to 3.0.

WSBOBO

RE: Yazd Discussion Forum Two Security Bypass Issues
[+]
This reply has been minimised due to a negative Relevancy Score.

WSBOBO

RE: Yazd Discussion Forum Two Security Bypass Issues
[+]
This reply has been minimised due to a negative Relevancy Score.