Description

registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.

Remediation

References

CVE-2012-5485

Related Vulnerabilities

MySQL CVE-2017-10276 Vulnerability (CVE-2017-10276)

XWikiplatform Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-31464)

MySQL CVE-2019-2533 Vulnerability (CVE-2019-2533)

SharePoint CVE-2021-40486 Vulnerability (CVE-2021-40486)

WordPress Plugin Lifeline Donation Security Bypass (1.2.6)

Severity

Medium

Classification

CVE-2012-5485 CWE-94

Tags

Missing Update Known Vulnerabilities