{"id":"PYSEC-2006-6","details":"Unspecified vulnerability in PlonePAS in Plone 2.5 and 2.5.1, when anonymous member registration is enabled, allows an attacker to \"masquerade as a group.\"","aliases":["CVE-2006-4249","GHSA-r7j4-82xw-8m9p","PYSEC-2006-10"],"modified":"2026-06-10T17:00:12.557126413Z","published":"2006-12-07T23:28:00Z","references":[{"type":"FIX","url":"http://plone.org/about/security/advisories/cve-2006-4249/"},{"type":"ADVISORY","url":"http://plone.org/about/security/advisories/cve-2006-4249/"},{"type":"FIX","url":"http://www.securityfocus.com/bid/21460"},{"type":"FIX","url":"http://secunia.com/advisories/23240"},{"type":"ADVISORY","url":"http://secunia.com/advisories/23240"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2006/4878"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/30762"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-r7j4-82xw-8m9p"}],"affected":[{"package":{"name":"plone","ecosystem":"PyPI","purl":"pkg:pypi/plone"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.5"},{"fixed":"2.5.2"}]}],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2006-6.yaml"}}],"schema_version":"1.7.5"}