CVE-2009-3257

Metadata

CVE-2009-3257
3.6
trac.vtiger.com
2009-09-18
2017-12-08 00:07

Description

vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile.

Related Vulnerabilities