CVE-2020-7941 – plone-app-contenttypes
Package
Manager: pip
Name: plone-app-contenttypes
Vulnerable Version: =1.0 || =1.0b1 || =1.0b2 || =1.0rc1 || =1.1 || =1.1.1 || =1.1.2 || =1.1.3 || =1.1.4 || =1.1.5 || =1.1.6 || =1.1.7 || =1.1.8 || =1.1.9 || =1.1a1 || =1.1b1 || =1.1b2 || =1.1b3 || =1.1b4 || =1.1b5 || =1.1b6 || =1.2.0 || =1.2.1 || =1.2.10 || =1.2.11 || =1.2.12 || =1.2.13 || =1.2.14 || =1.2.15 || =1.2.16 || =1.2.17 || =1.2.18 || =1.2.19 || =1.2.2 || =1.2.20 || =1.2.21 || =1.2.22 || =1.2.23 || =1.2.24 || =1.2.25 || =1.2.26 || =1.2.27 || =1.2.3 || =1.2.4 || =1.2.5 || =1.2.6 || =1.2.7 || =1.2.8 || =1.2.9 || =1.2a1 || =1.2a2 || =1.2a3 || =1.2a4 || =1.2a5 || =1.2a6 || =1.2a7 || =1.2a8 || =1.2a9 || =1.2b1 || =1.2b2 || =1.2b3 || =1.2b4 || =1.3.0 || =1.4 || =1.4.1 || =1.4.10 || =1.4.11 || =1.4.12 || =1.4.13 || =1.4.14 || =1.4.15 || =1.4.16 || =1.4.17 || =1.4.18 || =1.4.2 || =1.4.3 || =1.4.4 || =1.4.5 || =1.4.6 || =1.4.7 || =1.4.8 || =1.4.9 || =2.0.0 || =2.0.1 || =2.0.2 || =2.0.3 || =2.0.4 || =2.0.5 || =2.0.6 || =2.1.0 || =2.1.1 || =2.1.10 || =2.1.2 || =2.1.3 || =2.1.4 || =2.1.5 || =2.1.6 || =2.1.7 || =2.1.8 || =2.1.9 || =2.2.0 || =2.2.1 || =2.2.2 || =2.2.3 || =3.0.0 || =3.0.0a1 || =3.0.0a10 || =3.0.0a11 || =3.0.0a12 || =3.0.0a13 || =3.0.0a2 || =3.0.0a3 || =3.0.0a4 || =3.0.0a5 || =3.0.0a6 || =3.0.0a7 || =3.0.0a8 || =3.0.0a9 || =3.0.0b1 || =3.0.0b2 || =3.0.1 || =3.0.2 || =3.0.3 || =3.0.4 || =3.0.5 || =3.0.6 || =3.0.7 || =3.0.8 || =3.0.9 || =4.0.0 || >=0 <2.1.6
Severity
Level: Critical
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS: 0.00619 pctl0.69085
Details
Plone Unauthenticated Write Vulnerability A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission.
Metadata
Created: 2022-05-24T17:07:14Z
Modified: 2024-10-18T22:02:05.376082Z
Source: https://osv-vulnerabilities
CWE IDs: ["CWE-269"]
Alternative ID: N/A
Finding: F159
Auto approve: 1