Guest have access to script execution link

XMLWordPrintable

    • Sprint 19, Sprint 21, Sprint 22
    • 0.5

      Guest can open script execution link, for example /scripts_exec.php?hostid=10084&scriptid=1
      So guest can change script and host ids to see confidential information, for example host ip

      Thanks to vjaceslavs

            Assignee:
            Miks Kronkalns
            Reporter:
            Natalja Romancaka
            Team A
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: