CVE-2007-3600
N/A
N/A
Summary
WordPlugin in the wordintegration component in vtiger CRM before 5.0.3 allows remote authenticated users to bypass field level security permissions and merge arbitrary fields in an Email template, as demonstrated by the fields in the Contact module.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/3790
- http://osvdb.org/45784
- http://trac.vtiger.com/cgi-bin/trac.cgi/report/9
- http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/10845
References
- http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/3790
- http://osvdb.org/45784
- http://trac.vtiger.com/cgi-bin/trac.cgi/report/9
- http://trac.vtiger.com/cgi-bin/trac.cgi/changeset/10845
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.