NetEye Blog

Reconstructing protected or hidden custom variables in Icinga DB Web

Recently Icinga DB Web had a new security release, fixing a vulnerability where protected or hidden custom variables could be inferred by any user with object visibility by abusing comparative filters ...