PT-2007-1966 · Project · Office Project

Published: 2007-01-26 · Updated: 2017-07-29 · CVE-2007-0506

CVSS v2.0: 6.0 (Medium)

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Project issue tracking versions 4.7.0 through 5.x before 20070123

Description

The issue allows remote authenticated users to bypass other access control modules in two ways: by guessing the filename to obtain attached files, and by making direct requests to obtain issue information. The project issue access function is involved in this issue.

Recommendations

For versions 4.7.0 through 5.x before 20070123, consider restricting access to the project issue access function until a fix is available. Additionally, limiting direct requests to issue information and securing file attachments can help mitigate the risk.


Related identifiers

CVE-2007-0506

Affected products

Office Project