TestLink < 1.7.1 Authorization Mechanism Failure
Medium Nessus Network Monitor Plugin ID 4283
SynopsisThe remote host is vulnerable to a flaw that allows authenticated attackers to gain access to the account data of other users.
DescriptionThe remote host is running TestLink, an application testing suite written in PHP.
This version is reported vulnerable to a flaw in the 'userview.php' script. Specifically, an authenticated user would be able to view and modify the accounts of other users.
SolutionUpgrade to version 1.7.1 or higher.