Access Restriction Bypass Affecting plone package, versions [4.0,5.1a1]
Snyk CVSS
Attack Complexity
Low
Threat Intelligence
EPSS
0.18% (55th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PYTHON-PLONE-40393
- published 9 Apr 2016
- disclosed 9 Apr 2016
- credit Thomas Mogensen
Introduced: 9 Apr 2016
CVE-2016-4041 Open this link in a new tabOverview
plone
is a Content Management System.
Affected versions of this package are vulnerable to Access Restriction Bypass. Dexterity content is missing security declarations for WebDAV requests. This only affects Dexterity objects.