Description

gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.

Remediation

References

CVE-2012-5493

Related Vulnerabilities

WordPress Plugin Google Drive for WordPress Information Disclosure (2.2)

WordPress Improper Input Validation Vulnerability (CVE-2008-5695)

WordPress Plugin Google Analytics Dashboard Multiple Unspecified Vulnerabilities (2.0.5)

WordPress Plugin 301 Redirects-Easy Redirect Manager Cross-Site Request Forgery (2.72)

PHP Use After Free Vulnerability (CVE-2016-5771)

Severity

High

Classification

CVE-2012-5493 CWE-94

Tags

Missing Update Known Vulnerabilities