Количество 2
Количество 2
CVE-2013-4191
zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive.
GHSA-grwx-4p5v-9g2g
Plone is vulnerable to Information Exposure when generating zip archives
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2013-4191 zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive. | CVSS2: 5.8 | 0% Низкий | почти 12 лет назад |
| GHSA-grwx-4p5v-9g2g Plone is vulnerable to Information Exposure when generating zip archives | CVSS3: 4.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу