Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Plone CMS Permissions Privileges and Access Controls Vulnerability - CVE-2013-7061 - Vulnerability Database
Plone CMS

Plone CMS Permissions Privileges and Access Controls Vulnerability - CVE-2013-7061

Medium
Reference: CVE-2013-7061
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-7061
Title: Plone CMS Permissions Privileges and Access Controls Vulnerability
Overview:

Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.