2007-07-17 00:00:00
mitre
PUBLISHED
activeWeb contentserver CMS before 5.6.2964 does not limit the file-creation ability of editors who have restricted accounts, which allows these editors to create files in arbitrary directories.