diff --git a/docs/changelog/5.x.x.txt b/docs/changelog/5.x.x.txt
index 5bf47e90d..3881e9af9 100644
--- a/docs/changelog/5.x.x.txt
+++ b/docs/changelog/5.x.x.txt
@@ -31,6 +31,8 @@
 - Updated the German translation. (Thanks to Andreas Graf.)
 - Fixed a security problem where users could access a forum they didn't have privileges to view if they created a specific URL.
+ - Fixed a security problem where users could edit a forum post they didn't
+ create if they generated a proper URL.
 5.5.0
diff --git a/lib/WebGUI/Forum/UI.pm b/lib/WebGUI/Forum/UI.pm
index df072b6eb..3bad2e73b 100644
--- a/lib/WebGUI/Forum/UI.pm
+++ b/lib/WebGUI/Forum/UI.pm
@@ -1921,7 +1921,7 @@ sub www_postSave {
 }
 if ($session{form}{forumPostId} > 0) { # edit
 my $post = WebGUI::Forum::Post->new($session{form}{forumPostId});
- return WebGUI::Privilege::insufficient unless ($post->getThread->getForum->canPost);
+ return WebGUI::Privilege::insufficient unless ($post->canEdit);
 if ($post->getThread->getForum->get("addEditStampToPosts")) {
 $postData{message} .= "\n\n --- (".WebGUI::International::get(1029)." "
 .WebGUI::DateTime::epochToHuman(WebGUI::DateTime::time())." ".WebGUI::International::get(1030)
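Review bot: The edit branch of www_postSave now authorizes on `$post->canEdit` alone, so the forum-level `canPost` test the old line made is no longer applied on this path. `canEdit` is not defined in this hunk, so please confirm that it also denies a user who can no longer post in (or view) the forum, and that it fails closed when `forumPostId`, which comes straight from `$session{form}`, names a post that does not exist. If it does not cover the forum-level case, and moderators are not meant to edit without posting rights, keeping both conditions is the safer form: `return WebGUI::Privilege::insufficient unless ($post->canEdit && $post->getThread->getForum->canPost);`. A short comment such as `# authorize against the loaded post; the id is client-supplied` would record why the check is per-object. The body of www_postSave starts and ends outside the hunk, so the handler that renders the edit form should be checked for the same test.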