Description

uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.

Remediation

References

CVE-2012-5492

Related Vulnerabilities

XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-23620)

WordPress Plugin Slideshow Gallery LITE Cross-Site Scripting (1.5.3.4)

WordPress Plugin WooCommerce Information Disclosure (4.5.2)

WordPress Plugin CF7 Invisible reCAPTCHA Cross-Site Scripting (1.3.1)

Drupal Other Vulnerability (CVE-2006-5475)

Severity

Medium

Classification

CVE-2012-5492 CWE-200

Tags

Missing Update Known Vulnerabilities