Description

Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.

Remediation

References

CVE-2016-4042

Related Vulnerabilities

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1340)

WordPress Plugin PDF Viewer Cross-Site Scripting (0.1)

Drupal Improper Access Control Vulnerability (CVE-2020-13677)

WordPress Plugin Easy Testimonials Cross-Site Scripting (3.5.2)

Mailman Other Vulnerability (CVE-2006-2191)

Severity

Medium

Classification

CVE-2016-4042 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities