Vulnerability Details : CVE-2006-7219
eZ publish before 3.8.5 does not properly enforce permissions for editing in a specific language, which allows remote authenticated users to create a draft in an unauthorized language by editing an archived version of an object, and then using Manage Versions to copy this version to a new draft.
Exploit prediction scoring system (EPSS) score for CVE-2006-7219
Probability of exploitation activity in the next 30 days: 0.12%
CVSS scores for CVE-2006-7219
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
CWE ids for CVE-2006-7219
Assigned by: [email protected] (Primary)