Zero-day Vulnerability Database
Zero-day vulnerabilities discovered: 1
Security bypass
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to improper checking for authorization by plone.app.user. A remote attacker can modify the properties of arbitrary accounts.
Successful exploitation of the vulnerability may result in attacker's access to the vulnerable system.
Note: the vulnerability was being actively exploited.
Security bypass
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists due to improper checking for authorization by plone.app.user. A remote attacker can modify the properties of arbitrary accounts.
Successful exploitation of the vulnerability may result in attacker's access to the vulnerable system.
Note: the vulnerability was being actively exploited.