Description
Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope.
Remediation
References
Related Vulnerabilities
WordPress Plugin Campaign URL Builder Cross-Site Request Forgery (1.5.0)
Internet Information Services Other Vulnerability (CVE-2000-0114)
WordPress Plugin Gravity Forms HubSpot Cross-Site Scripting (1.0.8)
MySQL CVE-2016-5627 Vulnerability (CVE-2016-5627)
WordPress Plugin WP Statistics Multiple Vulnerabilities (13.1.5)