Description
membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL.
Remediation
References
Related Vulnerabilities
WordPress Plugin Events Manager Multiple Vulnerabilities (5.5.7.1)
Drupal Core 8.5.0 Remote Code Execution (8.5.0)
Oracle HTTP Server CVE-2019-2751 Vulnerability (CVE-2019-2751)
WordPress Plugin 123devis-affiliation Cross-Site Scripting (1.0.4)
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35030)