Vulnerability Details CVE-2005-4854
eZ publish 3.5 through 3.7 before 20050830 does not use a folder's read permissions to restrict notifications, which allows remote authenticated users to obtain sensitive information about changes to content in arbitrary folders.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.4%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2005-4854
-
cpe:2.3:a:ez:ez_publish:3.5.0
-
cpe:2.3:a:ez:ez_publish:3.5.1
-
cpe:2.3:a:ez:ez_publish:3.5.10
-
cpe:2.3:a:ez:ez_publish:3.5.11
-
cpe:2.3:a:ez:ez_publish:3.5.2
-
cpe:2.3:a:ez:ez_publish:3.5.3
-
cpe:2.3:a:ez:ez_publish:3.5.4
-
cpe:2.3:a:ez:ez_publish:3.5.5
-
cpe:2.3:a:ez:ez_publish:3.5.6
-
cpe:2.3:a:ez:ez_publish:3.5.7
-
cpe:2.3:a:ez:ez_publish:3.5.8
-
cpe:2.3:a:ez:ez_publish:3.5.9
-
cpe:2.3:a:ez:ez_publish:3.6.0
-
cpe:2.3:a:ez:ez_publish:3.6.1
-
cpe:2.3:a:ez:ez_publish:3.6.10
-
cpe:2.3:a:ez:ez_publish:3.6.11
-
cpe:2.3:a:ez:ez_publish:3.6.12
-
cpe:2.3:a:ez:ez_publish:3.6.2
-
cpe:2.3:a:ez:ez_publish:3.6.3
-
cpe:2.3:a:ez:ez_publish:3.6.4
-
cpe:2.3:a:ez:ez_publish:3.6.5
-
cpe:2.3:a:ez:ez_publish:3.6.6
-
cpe:2.3:a:ez:ez_publish:3.6.7
-
cpe:2.3:a:ez:ez_publish:3.6.8
-
cpe:2.3:a:ez:ez_publish:3.6.9
-
cpe:2.3:a:ez:ez_publish:3.7.0
-
cpe:2.3:a:ez:ez_publish:3.7.1
-
cpe:2.3:a:ez:ez_publish:3.7.10
-
cpe:2.3:a:ez:ez_publish:3.7.11
-
cpe:2.3:a:ez:ez_publish:3.7.12
-
cpe:2.3:a:ez:ez_publish:3.7.2
-
cpe:2.3:a:ez:ez_publish:3.7.3
-
cpe:2.3:a:ez:ez_publish:3.7.4
-
cpe:2.3:a:ez:ez_publish:3.7.5
-
cpe:2.3:a:ez:ez_publish:3.7.6
-
cpe:2.3:a:ez:ez_publish:3.7.7
-
cpe:2.3:a:ez:ez_publish:3.7.8
-
cpe:2.3:a:ez:ez_publish:3.7.9