4.3

CVE-2013-4193

typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PlonePlone Version2.1
PlonePlone Version2.1.1
PlonePlone Version2.1.2
PlonePlone Version2.1.3
PlonePlone Version2.1.4
PlonePlone Version2.5
PlonePlone Version2.5.1
PlonePlone Version2.5.2
PlonePlone Version2.5.3
PlonePlone Version2.5.4
PlonePlone Version2.5.5
PlonePlone Version3.0
PlonePlone Version3.0.1
PlonePlone Version3.0.2
PlonePlone Version3.0.3
PlonePlone Version3.0.4
PlonePlone Version3.0.5
PlonePlone Version3.0.6
PlonePlone Version3.1
PlonePlone Version3.1.1
PlonePlone Version3.1.2
PlonePlone Version3.1.3
PlonePlone Version3.1.4
PlonePlone Version3.1.5.1
PlonePlone Version3.1.6
PlonePlone Version3.1.7
PlonePlone Version3.2
PlonePlone Version3.2.1
PlonePlone Version3.2.2
PlonePlone Version3.2.3
PlonePlone Version3.3
PlonePlone Version3.3.1
PlonePlone Version3.3.2
PlonePlone Version3.3.3
PlonePlone Version3.3.4
PlonePlone Version3.3.5
PlonePlone Version4.0
PlonePlone Version4.0.1
PlonePlone Version4.0.2
PlonePlone Version4.0.3
PlonePlone Version4.0.4
PlonePlone Version4.0.5
PlonePlone Version4.0.6.1
PlonePlone Version4.1
PlonePlone Version4.2
PlonePlone Version4.2.1
PlonePlone Version4.2.2
PlonePlone Version4.2.3
PlonePlone Version4.2.4
PlonePlone Version4.2.5
PlonePlone Version4.3
PlonePlone Version4.3.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.31% 0.511
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N