Back to search
CVE-2009-0662
Published: Apr 23, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product for Plone, does not properly handle the login form, which allows remote authenticated users to acquire the identity of an arbitrary user via unspecified vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34664
vdb-entry
x_refsource_BID
plone-unspecified-session-hijacking(50061)
vdb-entry
x_refsource_XF
34840
third-party-advisory
x_refsource_SECUNIA
http://plone.org/products/plone/security/advisories/cve-2009-0662
x_refsource_CONFIRM
53975
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now