Access Restriction Bypass Affecting plone package, versions [3.3,4.3.2]
Threat Intelligence
EPSS
0.08% (36th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PYTHON-PLONE-40244
- published 10 Dec 2013
- disclosed 10 Dec 2013
- credit Unknown
Introduced: 10 Dec 2013
CVE-2013-7061 Open this link in a new tabOverview
plone
is a Content Management System.
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.
References
CVSS Scores
version 3.1