CVE-2006-4247

Published: Sep 29, 2006Modified: Apr 23, 2026

6.4

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability: 10.0 / Impact: 4.9

Source: NVD

Description

Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."

Affected (2)

Products: Plone: Plone

Plone

1 product

Plone

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Plone Plone	Version 2.5.1_rc
Plone Plone	Version 2.5

References (2)

http://plone.org/about/security/advisories/cve-2006-4247

Source: security@debian.org

Patch

http://plone.org/about/security/advisories/cve-2006-4247

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.