CVE-2012-5500

2014-11-03T22:55:00
ID CVE-2012-5500
Type cve
Reporter cve@mitre.org
Modified 2014-11-05T03:09:00

Description

The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request.