Description

Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.

Remediation

References

CVE-2011-2528

Related Vulnerabilities

Apache HTTP Server Other Vulnerability (CVE-2003-0083)

WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41184)

Nginx Out-of-bounds Read Vulnerability (CVE-2023-27727)

LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18358)

WordPress Plugin Magic Fields Arbitrary File Upload (1.6.3.2)

Severity

High

Classification

CVE-2011-2528

Tags

Missing Update Known Vulnerabilities