CVE-2009-2125

Publication date

2009-06-19 17:32:00

Family

mitre

State

PUBLISHED

Description

delete_bug.php in Elvin before 1.2.1 does not require administrative privileges, which allows remote authenticated users to bypass intended access restrictions and delete arbitrary bugs.