2 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-1000484
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - By linking to a specific url in Plone 2.5-5.1rc1 with a parameter, an attacker could send you to his own website. On its own this is not so bad: the attacker...
CVE-2017-1000484
CVE-2017-1000484 affects Plone 2.5–5.1rc1. The issue is an open redirection via a parameter-constructed URL that can redirect a user to an attacker-controlled site, potentially after login when combined with a standard login redirect flow. The vulnerability exists in Plone’s handling of a specifi...