Common Vulnerabilities and Exposures assigned an identifier CVE-2009-0662 to the following vulnerability:
Quoting upstream security advisory:
Karen Chan of Isotoma Limited found a bug in the login form
handling of Plone 3.x. An already authenticated user could
exploit this error and assume the identity of another user.
Affected version (from upstream advisory):
All Plone 3.x releases are affected.
Plone 2.5 and earlier releases are not affected.
Created attachment 341134 [details]
Plone currently only seem to be shipped in EPEL5, no other Fedora version has plone at the moment.