2006-06-07 10:00:00
mitre
PUBLISHED
index.php in GANTTy 1.0.3 allows remote attackers to obtain the full path of the web server via an invalid lang parameter in an authenticate action.