Description

Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.

Remediation

References

CVE-2016-4042

Related Vulnerabilities

phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12639)

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2021-27947)

Drupal Other Vulnerability (CVE-2007-0658)

Oracle Database Server Other Vulnerability (CVE-2006-3700)

WordPress Plugin FormCraft-Premium WordPress Form Builder Cross-Site Scripting (3.2.31)

Severity

Medium

Classification

CVE-2016-4042 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities