eZ publish 3.5 through 3.7 before 20050608 requires both edit and create permissions in order to submit data, which allows remote attackers to edit data submitted by arbitrary anonymous users.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2007-07-06T19:00:00Z
Updated: 2024-09-17T01:51:15.860Z
Reserved: 2007-07-06T00:00:00Z
Link: CVE-2005-4850

No data.

Status : Modified
Published: 2005-12-31T05:00:00.000
Modified: 2024-11-21T00:05:19.887
Link: CVE-2005-4850

No data.