Plone Unspecified Group Spoofing Vulnerability

info
discussion
exploit
solution
references

Plone Unspecified Group Spoofing Vulnerability

Plone is prone to a spoofing vulnerability due to an unspecified error.

An attacker can exploit this issue to spoof certain user data.

NOTE: This affects only sites that permit anonymous user registration.

Plone 2.5 and 2.5.1 are vulnerable.