{
  "schema_version": "1.4.0",
  "id": "GHSA-jx74-m5hp-97vh",
  "modified": "2022-05-01T02:31:28Z",
  "published": "2022-05-01T02:31:28Z",
  "aliases": [
    "CVE-2005-4853"
  ],
  "details": "The default configuration of the forum package in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050818 does not restrict edit permissions to a posting's owner, which allows remote authenticated users to edit arbitrary postings.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-4853"
    },
    {
      "type": "WEB",
      "url": "http://ez.no/download/ez_publish/changelogs/ez_publish_3_8/changelog_3_6_x_3_7_x_to_3_8_0"
    },
    {
      "type": "WEB",
      "url": "http://issues.ez.no/7052"
    }
  ],
  "database_specific": {
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-12-31T05:00:00Z"
  }
}