PT-2005-5515 · Ez Systems · Ez Publish
Publicado
2005-12-31
·
Atualizado
2015-07-28
·
CVE-2005-4854
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
eZ publish versions 3.5 through 3.7 before 20050830
Description:
The issue allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders because it does not use a folder's read permissions to restrict notifications.
Recommendations:
For versions 3.5 through 3.7 before 20050830, update to a version released after 20050830 to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ez Publish