2006-02-20 20:00:00
mitre
PUBLISHED
Geeklog before 1.3.11sr3 allows remote attackers to bypass intended access restrictions and comment on an arbitrary story or topic by guessing the story ID.