CVE-2003-0399
Summary
Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- NONE
References
Advisory Timeline
- Published