{"id":"PYSEC-2006-10","details":"Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to \"masquerade as a group.\"","aliases":["CVE-2006-4249","GHSA-r7j4-82xw-8m9p","PYSEC-2006-6"],"modified":"2026-05-21T15:00:17.609254383Z","published":"2006-12-07T23:28:00Z","references":[{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30762"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/4878"},{"type":"FIX","url":"http://plone.org/about/security/advisories/cve-2006-4249/"},{"type":"FIX","url":"http://secunia.com/advisories/23240"},{"type":"FIX","url":"http://www.securityfocus.com/bid/21460"}],"affected":[{"package":{"name":"plone","ecosystem":"PyPI","purl":"pkg:pypi/plone"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"2.5"},{"last_affected":"2.5.1"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2006-10.yaml"}}],"schema_version":"1.7.5"}