2 matches found
CVE-2005-4853
The default configuration of the forum package in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does not restrict edit permissions to a posting's owner, which allows remote authenticated users to edit arbitrary postings...
CVE-2005-4853
CVE-2005-4853 affects the forum package in eZ publish. In default configurations, edit permissions are not restricted to the posting’s owner, allowing remote authenticated users to edit arbitrary postings. Affected versions are: eZ publish 3.5 before 3.5.5; 3.6 before 3.6.2; 3.7 before 3.7.0rc2; ...