CVE-2013-4195 – plone

Package

Manager: pip
Name: plone
Vulnerable Version: >=2.1 <4.1.1 || >=4.2 <4.2.6 || >=4.3 <4.3.2

Severity

Level: Low

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

EPSS: 0.00285 pctl0.516

Details

Plone Multiple open redirect vulnerabilities Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Metadata

Created: 2022-05-17T04:49:44Z
Modified: 2024-10-18T21:57:26Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-j67j-8hrp-76xm/GHSA-j67j-8hrp-76xm.json
CWE IDs: ["CWE-601"]
Alternative ID: GHSA-j67j-8hrp-76xm
Finding: F156
Auto approve: 1