3 matches found
EUVD-2014-0065
Malware in sbrugna...
Plone allows remote attackers to read hidden folder contents
ftp.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read hidden folder contents via unspecified vectors...
PYSEC-2014-44
Cross-site scripting XSS vulnerability in safehtml.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors...