Описание
uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.
Отчет
Not vulnerable. This issue did not affect the versions of luci (as provided by conga) as shipped with Red Hat Enterprise Linux 5.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | conga | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Low
https://bugzilla.redhat.com/show_bug.cgi?id=874717(Plone): Partial permissions bypass
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 11 лет назад
uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.
4.3 Medium
CVSS2