TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown impact and attack vectors.Referenceshttp://osvdb.org/42211http://secunia.com/advisories/27600http://sourceforge.net/project/shownotes.php?release_id=548619&group_id=90976http://www.securityfocus.com/bid/26439
