CVSS: 4.3EPSS: 0%CPEs: 52EXPL: 0CVE-2013-4193
https://notcve.org/view.php?id=CVE-2013-4193
typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL. typeswidget.py en Plone 2.1 hasta 4.1, 4.2.x hasta 4.2.5 y 4.3.x hasta 4.3.1 no fuerza debidamente la configuración inmutable en formularios de editar contenido no especificados, lo que permite a atacantes remotos esconder campos en los formularios a través de una URL manipulada. • http://plone.org/products/plone-hotfix/releases/20130618 http://plone.org/products/plone/security/advisories/20130618-announcement http://seclists.org/oss-sec/2013/q3/261 https://bugzilla.redhat.com/show_bug.cgi?id=978469 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 52EXPL: 0CVE-2013-4197
https://notcve.org/view.php?id=CVE-2013-4197
member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors. member_portrait.py en Plone 2.1 hasta 4.1, 4.2.x hasta 4.2.5 y 4.3.x hasta 4.3.1 permite a usuarios remotos autenticados modificar o eliminar retratos de otros usuarios a través de vectores no especificados. • http://plone.org/products/plone-hotfix/releases/20130618 http://plone.org/products/plone/security/advisories/20130618-announcement http://seclists.org/oss-sec/2013/q3/261 https://bugzilla.redhat.com/show_bug.cgi?id=978478 • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 4%CPEs: 46EXPL: 1CVE-2013-4200 – Plone - 'in_portal.py' < 4.1.3 Session Hijacking
https://notcve.org/view.php?id=CVE-2013-4200
The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login. El método isURLInPortal en la clase URLTool en in_portal.py en Plone 2.1 a 4.1, 4.2.x hasta 4.2.5 y 4.3.x hasta 4.3.1, trata las URLs que comienzan con un espacio como URLs relativas, lo cual permite a atacantes sortear la propiedad de filtrado allow_external_login_sites, redirigiendo a usuarios a sitios web arbitrarios, y efectuando ataques de phishing a través de un espacio antes de la URL en el parámetro "next" en acl_users/credentials_cookie_auth/require_login. Plone CMS suffers from a URL redirection credential disclosure vulnerability. • https://www.exploit-db.com/exploits/38738 http://plone.org/products/plone-hotfix/releases/20130618 http://plone.org/products/plone/security/advisories/20130618-announcement http://www.openwall.com/lists/oss-security/2013/08/01/2 http://www.securityfocus.com/archive/1/530787/100/0/threaded https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 1%CPEs: 62EXPL: 0CVE-2011-4462
https://notcve.org/view.php?id=CVE-2011-4462
Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. Plone v4.1.3 y anteriores calcula los valores hash de los parámetros de forma, sin restringir la capacidad de desencadenar colisiones hash predecible, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante el envío de gran cantidad de parámetros a mano. • http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html http://secunia.com/advisories/47406 http://www.kb.cert.org/vuls/id/903934 http://www.nruns.com/_downloads/advisory28122011.pdf http://www.ocert.org/advisories/ocert-2011-003.html https://exchange.xforce.ibmcloud.com/vulnerabilities/72018 • CWE-20: Improper Input Validation •
CVSS: 3.5EPSS: 0%CPEs: 44EXPL: 0CVE-2011-1949
https://notcve.org/view.php?id=CVE-2011-1949
Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Filtro safe_html en Products.PortalTransforms de Plone v2.1 hasta v4.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados, vulnerabilidad diferente de CVE-2010-2422. • http://osvdb.org/72728 http://plone.org/products/plone/security/advisories/CVE-2011-1949 http://secunia.com/advisories/44775 http://secunia.com/advisories/44776 http://securityreason.com/securityalert/8269 http://www.securityfocus.com/archive/1/518155/100/0/threaded http://www.securityfocus.com/bid/48005 https://exchange.xforce.ibmcloud.com/vulnerabilities/67694 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •