EUVD-2014-0068

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Error pages in Plone expose random number generation vulnerabilities for password resets by attackers

Reporter	Title	Published	Views	Family All 12
CVE	CVE-2012-5508	3 Nov 201422:00	–	cve
Cvelist	CVE-2012-5508	3 Nov 201422:00	–	cvelist
Github Security Blog	Exposure of Sensitive Information in Plone	17 May 202204:30	–	github
NVD	CVE-2012-5508	3 Nov 201422:55	–	nvd
OSV	GHSA-WPRR-MC54-C62Q Exposure of Sensitive Information in Plone	17 May 202204:30	–	osv
OSV	PYSEC-2014-50	3 Nov 201422:55	–	osv
Prion	Design/Logic Flaw	3 Nov 201422:55	–	prion
Prion	Code injection	3 Nov 201422:55	–	prion
Positive Technologies	PT-2014-2335 · Plone · Plone	3 Nov 201400:00	–	ptsecurity
PyPA	PYSEC-2014-50	3 Nov 201422:55	–	pypa

[
  {
    "enisaIdVendor": [
      {
        "id": "113f6935-1633-3ce0-b084-ee839d8a1e1b",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "9777df51-49f8-38d1-9a42-471856d97580",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
github	www.github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
plone	www.plone.org/products/plone/security/advisories/20121106/24
plone	www.plone.org/products/plone-hotfix/releases/20121124
openwall	www.openwall.com/lists/oss-security/2012/11/10/1
bugs	www.bugs.launchpad.net/zope2/+bug/1071067
nvd	www.nvd.nist.gov/vuln/detail/CVE-2012-5508
github	www.github.com/plone/Plone
github	www.github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-50.yaml
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 25

EPSS0.00357