CVE Vulnerabilities

CVE-2011-1950

Published: Jun 06, 2011 | Modified: Oct 09, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:P
RedHat/V2
3.5 MODERATE
AV:N/AC:M/Au:S/C:N/I:P/A:N
RedHat/V3
Ubuntu
MEDIUM

plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011.

Affected Software

Name Vendor Start Version End Version
Plone Plone 4.0 (including) 4.0 (including)
Plone Plone 4.1 (including) 4.1 (including)
Zope-cmfplone Ubuntu hardy *

References