CVE-2015-4071

Published: 2017-08-18T18:29Z

Last Modified: 2024-11-21T02:30Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt