2 matches found
CVE-2006-7219
eZ publish before 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, and then using Manage Versions to copy this version to a new draft...
CVE-2006-7219
The CVE concerns eZ Publish before 3.8.5 where permissions for editing in a specific language are not properly enforced. This allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, then using Manage Versions to copy that versio...