The tipafriend function in eZ publish before 3.8.9, and 3.9 before 3.9.3, does not limit access by anonymous users, which allows remote attackers to conduct spam attacks.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2007-08-23 01:17
Updated : 2024-02-04 17:13
NVD link : CVE-2007-4494
Mitre link : CVE-2007-4494
CVE.ORG link : CVE-2007-4494
JSON object : View
Products Affected
ez
- ez_publish
CWE