RSS   Vulnerabilities for 'Cmfeditions'   RSS

2011-10-10
 
CVE-2011-4030

CWE-264
 

 
The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587.

 

 >>> Vendor: Plone 5 Products
Plone
Plone cms
Plonepas
Plone hotfix 20110720
Cmfeditions


Copyright 2019, cxsecurity.com

 

Back to Top