2007-08-31 23:00:00
mitre
PUBLISHED
xGB.php in xGB 2.0 does not require authentication for an admin edit action, which allows remote attackers to make unspecified changes via an unknown series of steps.