Vulnerabilities

CVE-2011-4030

by Fred · 10/10/2011

The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587.

Date published : 2011-10-10

http://www.securityfocus.com/bid/50287

http://plone.org/products/plone-hotfix/releases/20110928

Similar

Tags: Cybersecurity Alert