PT-2005-5511 · Ez Systems · Ez Publish
Publicado
2005-12-31
·
Atualizado
2019-07-31
·
CVE-2005-4850
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions:
eZ publish versions 3.5 through 3.7 before 20050608
Description:
The issue allows remote attackers to edit data submitted by arbitrary anonymous users because it requires both edit and create permissions in order to submit data.
Recommendations:
For versions 3.5 through 3.7 before 20050608, consider updating permissions to restrict editing capabilities to authorized users only.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ez Publish