[isf-wifidog] Unsuitable Admin Access (html)
Bruno Remy
bruno.remy at videotron.ca
Mer 5 Mar 17:47:35 EST 2008
Hello,
When a single user (not an admin) logs into tha "admin" page
(http://auth.zapquebec.org/admin/index.php)
he is not supposed to see this frame :
It's a critical security failure, because he can acces to the "reusable
content library" and not only in "Read-only" but he can modify or
delete items !
This feature has to be disabled.
Bruno
Plus d'informations sur la liste de diffusion WiFiDog