CVE-2007-4493

2007-08-22T21:17:00
ID CVE-2007-4493
Type cve
Reporter NVD
Modified 2015-07-27T14:36:20

Description

eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module.