The tipafriend function in eZ publish prior to 3.8.9, and 3.9 prior to 3.9.3, does not limit access by anonymous users, which allows remote malicious users to conduct spam attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ez ez publish 3.9.1 |
||
ez ez publish 3.9.2 |
||
ez ez publish |
||
ez ez publish 3.9.0 |