CiviCRM Custom Search Permissions Access Bypass Vulnerability
|
Bugtraq ID:
|
64006
|
|
Class:
|
Access Validation Error
|
|
CVE:
|
CVE-2013-4661
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jun 05 2013 12:00AM
|
|
Updated:
|
Jun 05 2013 12:00AM
|
|
Credit:
|
Sarah Gladstone (Pogstone Inc), Pratik Joshi (CiviCRM LLC) and Donald Lobo (CiviCRM LLC)
|
|
Vulnerable:
|
CiviCRM CiviCRM 4.3.3
CiviCRM CiviCRM 4.3.2
CiviCRM CiviCRM 4.3.1
CiviCRM CiviCRM 4.3
CiviCRM CiviCRM 4.2.9
CiviCRM CiviCRM 4.2.8
CiviCRM CiviCRM 4.2.7
CiviCRM CiviCRM 4.2.4
CiviCRM CiviCRM 4.2.3
CiviCRM CiviCRM 4.2.2
CiviCRM CiviCRM 4.2.1
CiviCRM CiviCRM 4.2
CiviCRM CiviCRM 4.1
CiviCRM CiviCRM 3.3.3
CiviCRM CiviCRM 2.2
CiviCRM CiviCRM 4.2.6
CiviCRM CiviCRM 4.2.5
CiviCRM CiviCRM 4.1.1
CiviCRM CiviCRM 4.0.5
CiviCRM CiviCRM 3.1 Beta 5
CiviCRM CiviCRM 3.1 Beta 1
|
|
|
|
Not Vulnerable:
|
CiviCRM CiviCRM 4.3.4
CiviCRM CiviCRM 4.2.10
|
|
