CVE-2016-7136 – Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection
https://notcve.org/view.php?id=CVE-2016-7136
z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request. z3c.form en Plone CMS 5.x hasta la versión 5.0.6 y 4.x hasta la versión 4.3.11 permite a atacantes remotos llevar a cabo ataques de XSS a través de una petición GET manipulada. Plone CMS versions 4.3.11 and below and versions 5.0.6 and below suffer from cross site scripting, open redirection, and path traversal vulnerabilities. • http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html http://seclists.org/fulldisclosure/2016/Oct/80 http://www.openwall.com/lists/oss-security/2016/09/05/4 http://www.openwall.com/lists/oss-security/2016/09/05/5 http://www.securityfocus.com/archive/1/539572/100/0/threaded http://www.securityfocus.com/bid/92752 https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-forms • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2016-7137 – Plone CMS 4.3.11 / 5.0.6 XSS / Traversal / Open Redirection
https://notcve.org/view.php?id=CVE-2016-7137
Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter to (1) %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions or (2) folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions or the (3) came_from parameter to /login_form. Múltiples vulnerabilidades de redirección abierta en Plone CMS 5.x hasta la versión 5.0.6, 4.x hasta la versión 4.3.11 y 3.3.x hasta la versión 3.3.6 permiten a atacantes remotos redirigir usuarios a sitios web arbitrarios y llevar a cabo ataques de phishing a través de URL en el parámetro referer a (1) %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions o (2) folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions o el parámetro (3) came_from a /login_form. Plone CMS versions 4.3.11 and below and versions 5.0.6 and below suffer from cross site scripting, open redirection, and path traversal vulnerabilities. • http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html http://seclists.org/fulldisclosure/2016/Oct/80 http://www.openwall.com/lists/oss-security/2016/09/05/4 http://www.openwall.com/lists/oss-security/2016/09/05/5 http://www.securityfocus.com/archive/1/539572/100/0/threaded http://www.securityfocus.com/bid/92752 https://plone.org/security/hotfix/20160830/open-redirection-in-plone • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVE-2015-7293 – Zope Management Interface 4.3.7 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2015-7293
Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x. Existen múltiples vulnerabilidades de Cross-Site Request Forgery (CSRF) en Zope Management Interface 4.3.7 y anteriores, así como en Plone en versiones anteriores a la 5.x. Zope Management Interface version 4.3.7 suffers from a cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/38411 http://packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.html https://plone.org/security/hotfix/20151006 https://pypi.python.org/pypi/plone4.csrffixes • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2013-7060
https://notcve.org/view.php?id=CVE-2013-7060
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope. Products/CMFPlone/FactoryTool.py en Plone 3.3 hasta 4.3.2 permite a atacantes remotos obtener la ruta de instalación a través de vectores relacionados con un objeto de archivo para documentación no especificada que es inicializada en el ámbito de clase. • http://www.openwall.com/lists/oss-security/2013/12/10/15 http://www.openwall.com/lists/oss-security/2013/12/12/3 https://plone.org/security/20131210/path-leak • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-7061
https://notcve.org/view.php?id=CVE-2013-7061
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API. Products/CMFPlone/CatalogTool.py en Plone 3.3 hasta 4.3.2 permite a administradores remotos evadir restricciones y obtener información sensible a través de una API de búsqueda no especificada. • http://www.openwall.com/lists/oss-security/2013/12/10/15 http://www.openwall.com/lists/oss-security/2013/12/12/3 https://plone.org/security/20131210/catalogue-exposure • CWE-264: Permissions, Privileges, and Access Controls •