CVE-2013-4190 (GCVE-0-2013-4190)

Vulnerability from cvelistv5 – Published: 2014-03-11 15:00 – Updated: 2024-08-06 16:38
VLAI?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:38:01.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=978451"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://plone.org/products/plone/security/advisories/20130618-announcement"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://plone.org/products/plone-hotfix/releases/20130618"
          },
          {
            "name": "[oss-security] 20130801 Re: CVE Request -- Plone: 20130618 Hotfix (multiple vectors)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2013/q3/261"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-08-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-03-11T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=978451"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://plone.org/products/plone/security/advisories/20130618-announcement"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://plone.org/products/plone-hotfix/releases/20130618"
        },
        {
          "name": "[oss-security] 20130801 Re: CVE Request -- Plone: 20130618 Hotfix (multiple vectors)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/oss-sec/2013/q3/261"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4190",
    "datePublished": "2014-03-11T15:00:00",
    "dateReserved": "2013-06-12T00:00:00",
    "dateUpdated": "2024-08-06T16:38:01.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F1818BB-E23A-4136-898D-1D0C80C08728\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CB06627-133A-40D1-8816-E31E0A9BAD22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE7E448A-2C0C-4DE0-89EA-904718CB6C6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E727C5C-9E54-49F7-B92C-2492069AAE08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFD68465-4CDC-4788-8932-41335B5C4AC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7B739E0-FB73-401C-AB1A-E3C1434AA2A3\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE168A35-1A46-4A6F-8A08-25CDD886066D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CFE0FC06-369B-46CF-9B1E-BAF7AF87E950\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08747064-EC22-40B4-92EF-4640788FE55D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4EB85E3-9A76-4B79-AF7D-91484784A2EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"78755057-2613-4D5E-8F59-2C117EE282B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D49359CD-63EF-4D3A-92DC-C16DEE88138B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DE940BA-B784-4193-AB77-333F15B6C32D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9762C674-380B-4831-BBA1-3B27742121B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3D938645-80CE-4287-830E-A3BD0C5C84FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB0F7BFC-DC20-46B3-90E7-264E3A8A7886\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2C09C10-AEA0-41F4-B964-507B40580BE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B60568E-A688-46AF-B627-062A029A7324\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B635DAD-AC53-4484-8750-200B662DAFD1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B647E76-E8B8-4329-8848-3B90EB262807\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D0A6B8F-4018-44DC-9862-45309619DC6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F10374F-2BB3-48D2-B19F-9B2D038A8E35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEAC4F93-D26C-48F3-A7FF-8DC008FC2671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"552661B7-093D-4B3C-8770-FCDE6032AA17\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5180F9D2-E44B-455D-968C-792026AC832A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"636226E4-B880-41FE-A727-EF56CF8E6249\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF6E934A-C344-4861-8CD4-D18D52672D5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25780BBE-8013-4100-9EA8-7EFC244399A0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A089ED64-07E6-4F4C-97AE-AF74269A4DB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF2334C9-9B34-4C7D-93A2-172E596E05C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"354046F4-FA55-4AFC-935A-C803D36CDE86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF1496A7-6D0A-4970-B0BF-83758065BC6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47DEF57C-92F0-4999-AF8E-CEE27EE92CD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BED4241-D823-402A-A389-7E52C410E2F7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CE9A55E6-F265-4BB8-8683-3E0CFA01EC73\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"970FD910-50A4-478A-ADE6-EB912C261DAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A490523-1063-44E4-A72A-C23070279181\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8559F17-63D1-45DB-8A28-47F729DC6686\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDC93803-6506-4382-A013-18010EE7E06B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E65977FD-A880-4D16-B56B-94A72774F42D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EA5B4F8-2155-403D-97D8-1272285D508B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3CA2943-77E5-4384-A019-415BBCE62F94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7FF63F6-F1DC-4A97-A2E6-11CF613A31E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"538A3519-5B04-4FE5-A3C0-FD26EFA32705\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E08F4534-A588-463F-A745-39E559AB1CB8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B64341BA-5722-415E-9771-9837168AB7C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2929227-AE19-428D-9AC3-D312A559039B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B6DC866-0FEE-475B-855C-A69E004810CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50BF3E8E-152C-4E89-BAA2-A952D10F4611\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49DB97A7-89DD-43C0-A490-84AA7069764B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C44B53B-953B-4522-A5B4-11573850D2CD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades de XSS en (1) spamProtect.py, (2) pts.py y (3) request.py en Plone 2.1 hasta 4.1, 4.2.x hasta 4.2.5 y 4.3.x hasta 4.3.1 permiten a atacantes remotos inyectar script Web o HTML arbitrarios a trav\\u00e9s de vectores no especificados.\"}]",
      "id": "CVE-2013-4190",
      "lastModified": "2024-11-21T01:55:05.670",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2014-03-11T19:37:02.457",
      "references": "[{\"url\": \"http://plone.org/products/plone-hotfix/releases/20130618\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://plone.org/products/plone/security/advisories/20130618-announcement\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://seclists.org/oss-sec/2013/q3/261\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=978451\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://plone.org/products/plone-hotfix/releases/20130618\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://plone.org/products/plone/security/advisories/20130618-announcement\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://seclists.org/oss-sec/2013/q3/261\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=978451\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4190\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-03-11T19:37:02.457\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de XSS en (1) spamProtect.py, (2) pts.py y (3) request.py en Plone 2.1 hasta 4.1, 4.2.x hasta 4.2.5 y 4.3.x hasta 4.3.1 permiten a atacantes remotos inyectar script Web o HTML arbitrarios a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F1818BB-E23A-4136-898D-1D0C80C08728\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CB06627-133A-40D1-8816-E31E0A9BAD22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE7E448A-2C0C-4DE0-89EA-904718CB6C6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E727C5C-9E54-49F7-B92C-2492069AAE08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFD68465-4CDC-4788-8932-41335B5C4AC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7B739E0-FB73-401C-AB1A-E3C1434AA2A3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE168A35-1A46-4A6F-8A08-25CDD886066D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFE0FC06-369B-46CF-9B1E-BAF7AF87E950\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08747064-EC22-40B4-92EF-4640788FE55D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4EB85E3-9A76-4B79-AF7D-91484784A2EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78755057-2613-4D5E-8F59-2C117EE282B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D49359CD-63EF-4D3A-92DC-C16DEE88138B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DE940BA-B784-4193-AB77-333F15B6C32D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9762C674-380B-4831-BBA1-3B27742121B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D938645-80CE-4287-830E-A3BD0C5C84FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB0F7BFC-DC20-46B3-90E7-264E3A8A7886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2C09C10-AEA0-41F4-B964-507B40580BE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B60568E-A688-46AF-B627-062A029A7324\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:2.5.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B635DAD-AC53-4484-8750-200B662DAFD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B647E76-E8B8-4329-8848-3B90EB262807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D0A6B8F-4018-44DC-9862-45309619DC6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F10374F-2BB3-48D2-B19F-9B2D038A8E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEAC4F93-D26C-48F3-A7FF-8DC008FC2671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"552661B7-093D-4B3C-8770-FCDE6032AA17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5180F9D2-E44B-455D-968C-792026AC832A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"636226E4-B880-41FE-A727-EF56CF8E6249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF6E934A-C344-4861-8CD4-D18D52672D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25780BBE-8013-4100-9EA8-7EFC244399A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A089ED64-07E6-4F4C-97AE-AF74269A4DB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF2334C9-9B34-4C7D-93A2-172E596E05C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"354046F4-FA55-4AFC-935A-C803D36CDE86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF1496A7-6D0A-4970-B0BF-83758065BC6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47DEF57C-92F0-4999-AF8E-CEE27EE92CD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BED4241-D823-402A-A389-7E52C410E2F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE9A55E6-F265-4BB8-8683-3E0CFA01EC73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"970FD910-50A4-478A-ADE6-EB912C261DAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A490523-1063-44E4-A72A-C23070279181\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8559F17-63D1-45DB-8A28-47F729DC6686\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDC93803-6506-4382-A013-18010EE7E06B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E65977FD-A880-4D16-B56B-94A72774F42D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EA5B4F8-2155-403D-97D8-1272285D508B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3CA2943-77E5-4384-A019-415BBCE62F94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7FF63F6-F1DC-4A97-A2E6-11CF613A31E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:3.3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"538A3519-5B04-4FE5-A3C0-FD26EFA32705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3306D84-0F5B-46BA-9BCC-DCD0A1CDD604\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08F4534-A588-463F-A745-39E559AB1CB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B64341BA-5722-415E-9771-9837168AB7C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2929227-AE19-428D-9AC3-D312A559039B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B6DC866-0FEE-475B-855C-A69E004810CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50BF3E8E-152C-4E89-BAA2-A952D10F4611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49DB97A7-89DD-43C0-A490-84AA7069764B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:plone:plone:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C44B53B-953B-4522-A5B4-11573850D2CD\"}]}]}],\"references\":[{\"url\":\"http://plone.org/products/plone-hotfix/releases/20130618\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://plone.org/products/plone/security/advisories/20130618-announcement\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/oss-sec/2013/q3/261\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=978451\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://plone.org/products/plone-hotfix/releases/20130618\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://plone.org/products/plone/security/advisories/20130618-announcement\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/oss-sec/2013/q3/261\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=978451\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.