VYPR
Medium severity6.5NVD Advisory· Published Feb 1, 2018· Updated Jun 17, 2026

CVE-2013-7435

CVE-2013-7435

Description

The open-ils.pcrud endpoint in Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to obtain sensitive settings history information by leveraging lack of user permission for retrieval in fm_IDL.xml.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Evergreen/Evergreeninferred2 versions
    <2.5.9 || >=2.6.0,<2.6.7 || >=2.7.0,<2.7.4+ 1 more
    • (no CPE)range: <2.5.9 || >=2.6.0,<2.6.7 || >=2.7.0,<2.7.4
    • (no CPE)range: <2.5.9, <2.6.7, <2.7.4

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.