mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 22:53:11 +00:00
711 B
711 B
CVE-2012-6563
Description
engine/lib/access.php in Elgg before 1.8.5 does not properly clear cached access lists during plugin boot, which allows remote attackers to read private entities via unspecified vectors.
POC
Reference
- http://elgg.org/getelgg.php?forward=elgg-1.8.5.zip
- http://elgg.org/getelgg.php?forward=elgg-1.8.5.zip
Github
No PoCs found on GitHub currently.