ID | CVE-2007-4493 | ||||||
Sažetak | eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:N/AC:L/Au:N/C:C/I:C/A:C | ||||||
Zadnje važnije ažuriranje | 27-07-2015 - 18:36 | ||||||
Objavljeno | 23-08-2007 - 01:17 |