CVE-2016-4042 – plone

Package

Manager: pip
Name: plone
Vulnerable Version: >=5.0 <5.0.5 || >=3.3 <4.3.10

Severity

Level: Medium

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.0023 pctl0.45765

Details

Plone vulnerable to unauthorized disclosure of site content Plone versions 3.3 before 4.3.10 and 5.x before 5.0.5 allow remote attackers to obtain information about the ID of sensitive content via unspecified vectors.

Metadata

Created: 2022-05-17T02:57:52Z
Modified: 2024-10-18T15:42:26Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-v4vj-49m5-wjhw/GHSA-v4vj-49m5-wjhw.json
CWE IDs: ["CWE-200"]
Alternative ID: GHSA-v4vj-49m5-wjhw
Finding: F038
Auto approve: 1