CVE-2017-15235

Publication date

2017-10-11 03:00:00

Family

mitre

State

PUBLISHED

Description

The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.