Moderate severityNVD Advisory· Published Dec 7, 2006· Updated Jun 16, 2026
CVE-2006-4249
CVE-2006-4249
Description
Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to "masquerade as a group."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
PlonePyPI | >= 2.5, < 2.5.2 | 2.5.2 |
Affected products
3cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
11- plone.org/about/security/advisories/cve-2006-4249/nvdPatchVendor Advisory
- secunia.com/advisories/23240nvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/21460nvdPatchWEB
- github.com/advisories/GHSA-r7j4-82xw-8m9pghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2006-4249ghsaADVISORY
- plone.org/about/security/advisories/cve-2006-4249ghsaWEB
- plone.org/products/plone-hotfix/releases/20061031ghsaWEB
- www.vupen.com/english/advisories/2006/4878nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/30762nvdWEB
- github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2006-10.yamlghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2006-6.yamlghsaWEB
News mentions
0No linked articles in our index yet.