CVE-2012-5487

2014-09-30T14:55:00
ID CVE-2012-5487
Type cve
Reporter cve@mitre.org
Modified 2014-10-01T14:28:00

Description

The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.