VWE-2019-5375 Viewing Source [template]Vulnerability | cve= | aka= | severity=Medium | difficulty=Normal | description=Permissions Escalation. Users can rename any multi-typed attachment as long as they have permission to rename regular attachments, and can rename other types of pages as long as they have permission to rename regular pages. | platform= | lite=no | issueid= | discover-date=October 3, 2019 | patch-date=October 12, 2019 | patches=4.1.0 Beta 4 4.0.27 Patch Level 1 4.0.26 Patch Level 3 4.0.25 Patch Level 5 | workaround=Update permissions so that users cannot rename regular attachments or regular pages, if they should not be allowed to rename certain multi-typed attachments or pages. [/template] 702 characters