Filtered by vendor Yazd Subscriptions
Filtered by product Yazd Discussion Forum Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-5729 1 Yazd 1 Yazd Discussion Forum 2024-11-21 N/A
Yazd Discussion Forum before 3.0 beta does not properly manage forum permissions, which allows remote authenticated users to (1) reply to a message in an arbitrary forum, if authorized to create a message in any forum; and (2) perform certain unauthorized forum actions, related to an "error in how the permissions were assembled" that assigns extra permissions to users.