Description
The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 (5221), allowing unauthenticated attackers to execute dangerous actions such as uploading files to the server or deleting them.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gallery-Photo Albums-Portfolio Cross-Site Scripting (1.2.25)
WordPress Plugin Restaurant Reservations Privilege Escalation (1.3)
MySQL CVE-2019-2967 Vulnerability (CVE-2019-2967)
Oracle Application Server CVE-2006-3711 Vulnerability (CVE-2006-3711)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4408)