Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Plone CMS Permissions Privileges and Access Controls Vulnerability - CVE-2013-4196 - Vulnerability Database
Plone CMS

Plone CMS Permissions Privileges and Access Controls Vulnerability - CVE-2013-4196

Medium
Reference: CVE-2013-4196
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-4196
Title: Plone CMS Permissions Privileges and Access Controls Vulnerability
Overview:

The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1 4.2.x through 4.2.5 and 4.3.x through 4.3.1 does not properly restrict access to internal methods which allows remote attackers to obtain sensitive information via a crafted request.