CVE-2011-0720 – plone

Package

Manager: pip
Name: plone
Vulnerable Version: >=2.5 <4.0.4

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

EPSS: 0.01407 pctl0.79746

Details

Plone Privilege Escalation Vulnerability Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.

Metadata

Created: 2022-05-17T02:01:56Z
Modified: 2024-10-14T21:34:28Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-3v28-9jjp-4g5w/GHSA-3v28-9jjp-4g5w.json
CWE IDs: []
Alternative ID: GHSA-3v28-9jjp-4g5w
Finding: F159
Auto approve: 1