plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
plone plone 4.0 |
||
plone plone 4.1 |