Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."
Max CVSS
6.4
EPSS Score
0.16%
Published
2006-09-29
Updated
2008-09-05
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to "masquerade as a group."
Max CVSS
4.3
EPSS Score
0.29%
Published
2006-12-07
Updated
2017-07-20
2 vulnerabilities found