Plone 2.x MembershipTool Access Control Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17484/info Plone is susceptible to a remote access-control bypass vulnerability. This issue is due to the application's failure to properly enforce privileges to various MembershipTool methods. This issue allows remote,...

FreeBSD : plone -- unprotected MembershipTool methods (b6c18956-5fa3-11db-ad2d-0016179b2dd5)

The Plone Team reports : Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the : - changeMemberPortrait - deletePersonalPortrait - testCurrentPassword methods, which allows remote attackers to modify portraits. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

Plone 2.x - MembershipTool Access Control Bypass

Plone 2.x - MembershipTool Access Control Bypass source: https://www.securityfocus.com/bid/17484/info Plone is susceptible to a remote access-control bypass vulnerability. This issue is due to the application's failure to properly enforce privileges to various MembershipTool methods. This issue...

Plone 2.x - MembershipTool Access Control Bypass

source: https://www.securityfocus.com/bid/17484/info Plone is susceptible to a remote access-control bypass vulnerability. This issue is due to the application's failure to properly enforce privileges to various MembershipTool methods. This issue allows remote, anonymous attackers to modify and...