Information Exposure Affecting plone package, versions [3.3,4.3.2]


Severity

Recommended
0.0
medium
0
10

CVSS assessment made by Snyk's Security Team. Learn more

Threat Intelligence

EPSS
0.31% (70th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-PYTHON-PLONE-40242
  • published10 Dec 2013
  • disclosed10 Dec 2013
  • creditUnknown

Introduced: 10 Dec 2013

CVE-2013-7060  (opens in a new tab)
CWE-200  (opens in a new tab)

Overview

plone is a Content Management System.

Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope.

CVSS Scores

version 3.1