CVE-2010-5093
SilverStripe 2.3.x contains a vulnerability in Member_ProfileForm (security/Member.php) up to version 2.3.7 that allows remote attackers to hijack user accounts by saving data using the email address (ID) of another user. Affected software: SilverStripe 2.3.x (before 2.3.7). Root cause: input han...