Security Advisory

CVE-2007-2233

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-04-25 15:00:00

Last updated 2024-08-07 13:33:27

Assigner mitre

State PUBLISHED

Description

cosign-bin/cosign.cgi in Cosign 2.0.2 and earlier allows remote authenticated users to perform unauthorized actions as an arbitrary user by using CR (r) sequences in the service parameter to inject LOGIN and REGISTER commands with the desired username.

← Browse all CVEs View on cve.org ↗