CVE-2007-4493

CVE-2007-4493 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module.

Learn more about our Web Application Penetration Testing UK.