Описание
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.
Отчет
Not vulnerable. This issue did not affect the versions of luci (as provided by conga) as shipped with Red Hat Enterprise Linux 5.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | conga | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=874131(Plone): z3c.form form details exposure
EPSS
Процентиль: 55%
0.00319
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 11 лет назад
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.
EPSS
Процентиль: 55%
0.00319
Низкий
4.3 Medium
CVSS2