A member of RadarServices’ Offensive Security Team, Thomas Poskocil, MSc, was assigned to find vulnerabilities in the open source enterprise content management system “eZ Platform” as part of his research.
The pentest revealed a serious vulnerability of the platform, in particular, the admin user interface. Customers using the latest version of eZ Platform with the goal to expose user-generated content capabilities to their users were at risk. The eZ Systems team responded quickly and in an exemplary manner to the tip and worked hard to fix the vulnerability. An update was already made available to patch the identified security risk for both existing and future code.
“We are proud of our Offensive Security Team. These specialists not only continually strive to further their own knowledge, but also contribute with their commitment and expertise to the further development of cybersecurity. Their work often reveals extremely critical vulnerabilities in companies and IT systems,” comments Wolfgang Gröller, RadarServices’ CTO.
“We take security very seriously at eZ Systems and we are grateful to be able to collaborate with RadarServices. Together, we can deliver better and safer software.” Roland Benedetti eZ Systems’ Chief Product Officer. The Norwegian company eZ Systems develops its content management system platform together with its user and developer community.