Description
member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2012-5086 Vulnerability (CVE-2012-5086)
WordPress Plugin Visitor Traffic Real Time Statistics Cross-Site Request Forgery (2.12)
WordPress Plugin Another WordPress Classifieds Multiple Vulnerabilities (2.2.1)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2009-4066)
WordPress Plugin Newsletter-Send awesome emails from WordPress CSV Injection (6.5.3)