Description

Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."

Remediation

References

CVE-2006-4247

Related Vulnerabilities

ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3838)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2787)

WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (5.0.12)

Oracle JRE CVE-2020-2655 Vulnerability (CVE-2020-2655)

WordPress Plugin Realia Security Bypass (1.4.0)

Severity

Medium

Classification

CVE-2006-4247

Tags

Missing Update Known Vulnerabilities