Information Exposure Affecting plone package, versions [3.3,5.1a1]

Snyk CVSS

Attack Complexity Low

Threat Intelligence

EPSS 0.17% (53^rd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-PYTHON-PLONE-40394
published 20 Apr 2016
disclosed 20 Apr 2016
credit Unknown

Report a new vulnerability Found a mistake?

Introduced: 20 Apr 2016

CVE-2016-4042 Open this link in a new tab CWE-200 Open this link in a new tab

Overview

plone is a Content Management System.

Affected versions of this package are vulnerable to Information Exposure. Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.

References

CVE
Openwall
Plone Security Advisory