Description

Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope.

Remediation

References

CVE-2013-7060

Related Vulnerabilities

WordPress 4.3.x Possible SQL Injection Vulnerability (4.3 - 4.3.12)

Ruby Numeric Errors Vulnerability (CVE-2009-1904)

WordPress Plugin Simply Show Hooks Malicious Code (1.2.1)

Oracle Database Server CVE-2020-2512 Vulnerability (CVE-2020-2512)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1643)

Severity

Medium

Classification

CVE-2013-7060 CWE-200

Tags

Missing Update Known Vulnerabilities