Security Advisory

CVE-2007-4493

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-08-23 01:00:00

Last updated 2024-08-07 15:01:09

Assigner mitre

State PUBLISHED

Description

eZ publish before 3.8.9, and 3.9 before 3.9.3, does not properly check permissions on module views that lack a policy function, which has unknown impact and attack vectors, as demonstrated by a vulnerability in the discount functionality in the shop module.

← Browse all CVEs View on cve.org ↗