CVE-2005-4851
Publication date 31 December 2005
Last updated 17 July 2025
Ubuntu priority
Description
eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which allows remote authenticated users to bypass the original permissions on embedded objects in XML fields and read these objects.