CVE-2006-1711
CVE-2006-1711 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
Plone 2.0.5, 2.1.2, and 2.5-beta1 does not restrict access to the (1) changeMemberPortrait, (2) deletePersonalPortrait, and (3) testCurrentPassword methods, which allows remote attackers to modify portraits.
Learn more about our Web Application Penetration Testing UK.