CVE-2013-4193
The CVE-2013-4193 entry concerns Plone: the component typeswidget.py in Plone versions 2.1–4.1, 4.2.x–4.2.5, and 4.3.x–4.3.1 fails to enforce the immutable setting on unspecified content edit forms, allowing remote attackers to hide fields on the forms through a crafted URL. This is corroborated ...