|
WorkforceROI XPede Arbitrary Time Sheet Disclosure Vulnerabiltiy
XPede is web-based project accounting software. It is available for Microsoft Windows operating systems. An issue has been reported in Xpede, which could allow a remote user to access the time sheets of other users. The vulnerability is in the 'ets_app_process.asp' script and is due to a lack of adequate authorization checks. This issue was reported for XPede 4.1. Other versions may also be affected. |
|
 Privacy Statement |
