Lucene search
GoogleOSV:GHSA-W6G9-XCCC-347HHistoryMay 24, 2022 - 5:07 p.m.
Plone Unauthenticated Write Vulnerability
2022-05-2417:07:14
Google
osv.dev
4
0.004 Low
EPSS
Percentile
72.7%
A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission.
References
www.openwall.com/lists/oss-security/2020/01/24/1
github.com/plone/plone.app.contenttypes
github.com/plone/plone.app.contenttypes/blob/master/CHANGES.rst?plain=1#L372-L374
nvd.nist.gov/vuln/detail/CVE-2020-7941
plone.org/security/hotfix/20200121
plone.org/security/hotfix/20200121/privilege-escalation-for-overwriting-content
www.openwall.com/lists/oss-security/2020/01/22/1
Related
veracode
veracode
Authorization Bypass
2020-01-23 04:24:18
osv
osv
CVE-2020-7941
2020-01-23 21:15:13
PYSEC-2020-90
2020-01-23 21:15:00
nvd
nvd
CVE-2020-7941
2020-01-23 21:15:13
prion
prion
Privilege escalation
2020-01-23 21:15:00
github
github
Plone Unauthenticated Write Vulnerability
2022-05-24 17:07:14
cve
cve
CVE-2020-7941
2020-01-23 21:15:13
redhatcve
redhatcve
CVE-2020-7941
2020-02-04 20:18:16
cvelist
cvelist
CVE-2020-7941
2020-01-23 20:38:13
nessus
nessus
RHEL 5 : plone (Unpatched Vulnerability)
2024-05-11 00:00:00