CVE-2009-0662: Improper Authentication

July 23, 2018 (updated September 16, 2021)

The PlonePAS product, a product for Plone, does not properly handle the login form, which allows remote authenticated users to acquire the identity of an arbitrary user via unspecified vectors.

References

osvdb.org/53975
plone.org/products/plone/security/advisories/cve-2009-0662
secunia.com/advisories/34840
www.securityfocus.com/bid/34664
exchange.xforce.ibmcloud.com/vulnerabilities/50061
github.com/advisories/GHSA-pq3x-96c3-xgjg
nvd.nist.gov/vuln/detail/CVE-2009-0662

Detect and mitigate CVE-2009-0662 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →