GHSA-984M-RJ28-8C6X Plone unauthorized member addition vulnerability

🗓️ 17 May 2022 00:35:46Reported by GoogleType

osv🔗 osv.dev👁 15 Views

Plone unauthorized member addition vulnerability in versions 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, 4.2.0 through 4.2.7, 4.3.0 through 4.3.6, and 5.0rc

Reporter	Title	Published	Views	Family All 12
CNVD	Plone Design Vulnerability	12 Oct 201700:00	–	cnvd
CVE	CVE-2015-7315	25 Sep 201717:00	–	cve
Cvelist	CVE-2015-7315	25 Sep 201717:00	–	cvelist
EUVD	EUVD-2017-0085	7 Oct 202500:30	–	euvd
Github Security Blog	Plone unauthorized member addition vulnerability	17 May 202200:35	–	github
NVD	CVE-2015-7315	25 Sep 201717:29	–	nvd
OSV	PYSEC-2017-52	25 Sep 201717:29	–	osv
Prion	Code injection	25 Sep 201717:29	–	prion
PyPA	PYSEC-2017-52	25 Sep 201717:29	–	pypa
Tenable Nessus	RHEL 5 : luci (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-7315
github	www.github.com/plone/Products.CMFPlone/commit/1845b0a92312291811b68907bf2aa0fb448c4016
github	www.github.com/plone/Products.CMFPlone/commit/9f0111f85cd14f3f067044b59b93e2856c99d542
github	www.github.com/zopefoundation/Products.CMFCore/commit/e1d981bfa14b664317285f0f36498f4be4a23406
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/plone/Products.CMFPlone
github	www.github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-52.yaml
plone	www.plone.org/security/hotfix/20150910/anonymous-is-able-to-create-plone-members
pypi	www.pypi.org/project/Products.PloneHotfix20150910
openwall	www.openwall.com/lists/oss-security/2015/09/22/13

18 Oct 2024 22:19Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.15.9

CVSS 48.2

EPSS0.00436