Vulnerabilities

CVE-2013-4193

by Fred · 11/03/2014

typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL.

Date published : 2014-03-11

http://plone.org/products/plone-hotfix/releases/20130618

http://plone.org/products/plone/security/advisories/20130618-announcement

Similar

Tags: Cybersecurity Alert