eZ publish 3.5 up to and including 3.7 prior to 20050608 requires both edit and create permissions in order to submit data, which allows remote malicious users to edit data submitted by arbitrary anonymous users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ez ez publish |