Description

Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."

Remediation

References

CVE-2006-4247

Related Vulnerabilities

e107 Other Vulnerability (CVE-2005-4224)

WordPress Plugin Login With Ajax Cross-Site Request Forgery (3.0.4.1)

MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-0372)

Python Integer Overflow or Wraparound Vulnerability (CVE-2008-2315)

WordPress Plugin WPML (WordPress Multilingual) Cross-Site Request Forgery (4.3.6)

Severity

Medium

Classification

CVE-2006-4247

Tags

Missing Update Known Vulnerabilities