The displaypost function in cgi-bin/cgi-lib/forum_display.pl in web-app.org WebAPP before 0.9.9.7 does not display usernames in conjunction with real names, which makes it easier for remote authenticated users to impersonate other users.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-06-26T23:00:00
Updated: 2008-11-15T10:00:00
Reserved: 2007-06-26T00:00:00
Link: CVE-2007-3418
JSON object: View
NVD Information
Status : Modified
Published: 2007-06-26T23:30:00.000
Modified: 2008-11-15T06:52:32.327
Link: CVE-2007-3418
JSON object: View
Redhat Information
No data.
CWE