x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote authenticated users to gain privileges via unspecified vectors, possibly related to backticks.
Gentoo Linux Security Advisory 201405-26 - A local privilege escalation vulnerability has been discovered in X2Go Server. Versions greater than or equal to 4.0.1.12 are affected.