This site has been archived. To learn more about our current products Ibexa Content, Ibexa Experience, Ibexa Commerce head over to the Ibexa Developer Portal

eZ Community » Security Advisories » EZSA-2015-001: Potential...

EZSA-2015-001: Potential vulnerability in eZ Publish password recovery

Publication date : 11/05/2015
Severity : High
Affected versions : 4.3-5.4, all community versions at time of writing
Resolving versions : 2015.03 & published service packs for all supported versions

This Security Update fixes a vulnerability in the eZ Publish password recovery function. You need to have the PHP OpenSSL extension (ext-openssl) installed to take full advantage of the improved security, but even without it security is improved. We strongly recommend that you install this Security Update as soon as possible.

Patch for eZ Publish:

Release notes for these eZ Platform releases, which contain the fix:

36 542 Users on board!

Community Project menu

Proudly Developed with from