Access Restriction Bypass Affecting plone package, versions [3.3,4.2.7]
Threat Intelligence
EPSS
0.18% (56th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PYTHON-PLONE-40353
- published 10 Sep 2015
- disclosed 10 Sep 2015
- credit Unknown
Introduced: 10 Sep 2015
CVE-2015-7317 Open this link in a new tabOverview
plone
is a Content Management System.
Affected versions of this package are vulnerable to Access Restriction Bypass. An incorrect security declaration would allow any authenticated user to edit kupu settings--the wysiwyg editor for old versions of Plone. Versions affected are all versions Plone 3 through 4.2.
CVSS Scores
version 3.1