← voltar
CVE-2013-4189

CVE-2013-4189

EPSS 1.2%
Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, and (3) traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://plone.org/products/plone-hotfix/releases/20130618http://plone.org/products/plone/security/advisories/20130618-announcementhttps://bugzilla.redhat.com/show_bug.cgi?id=978450http://seclists.org/oss-sec/2013/q3/261