Описание
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access.
Отчет
Not vulnerable. This issue did not affect the versions of luci (as provided by conga) as shipped with Red Hat Enterprise Linux 5.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | conga | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=874115(Plone): DoS through RSS on private folder
EPSS
Процентиль: 69%
0.00603
Низкий
5 Medium
CVSS2
Связанные уязвимости
nvd
больше 11 лет назад
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access.
EPSS
Процентиль: 69%
0.00603
Низкий
5 Medium
CVSS2