N/A

FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to Insecure Permissions. A remote authenticated user can append comments or upload attachments to tickets for which they lack view or edit authorization, due to missing authorization checks in the ticketing/commenting API.

N/A

N/A

FairSketch Rise Ultimate Project Manager and CRM 安全漏洞

FairSketch Rise Ultimate Project Manager and CRM是FairSketch公司的一款团队管理与客户关系管理系统。 FairSketch Rise Ultimate Project Manager and CRM 3.9.4版本存在安全漏洞，该漏洞源于票据评论API缺少授权检查，可能导致远程认证用户越权评论或上传附件。

N/A

N/A