Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CheckCustomerAccess function in functions.php in CRM-CTT Interleave before 4.2.0 (formerly CRM-CTT) does not properly verify user privileges, which allows remote authenticated users with the LIMITTOCUSTOMERS privilege to bypass intended access restrictions and edit non-active user settings. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CRM-CTT CheckCustomerAccess 安全绕过漏洞
Vulnerability Description
CRM-CTT Interleave 中的functions.php的CheckCustomerAccess函数不能正确核实用户特权,具有 LIMITTOCUSTOMERS特权的远程验证用户可以绕过访问限制并编辑稳定的用户设置。
CVSS Information
N/A
Vulnerability Type
N/A