Описание
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to (1) add arbitrary accounts via the join_form page and (2) change the privileges of arbitrary groups via the prefs_groups_overview page.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| edgy | ignored | end of life, was needs-triage |
| feisty | ignored | end of life, was needs-triage |
| gutsy | ignored | end of life, was needs-triage |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | DNE | |
| karmic | DNE | |
| lucid | DNE |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 47%
0.00242
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 17 лет назад
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CMS 3.0.5 and 3.0.6 allow remote attackers to (1) add arbitrary accounts via the join_form page and (2) change the privileges of arbitrary groups via the prefs_groups_overview page.
debian
больше 17 лет назад
Multiple cross-site request forgery (CSRF) vulnerabilities in Plone CM ...
EPSS
Процентиль: 47%
0.00242
Низкий
4.3 Medium
CVSS2