Description

sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.

Remediation

References

CVE-2013-4192

Related Vulnerabilities

WordPress Plugin Embed Any Document-Embed PDF, Word, PowerPoint and Excel Files Cross-Site Scripting (2.7.1)

WordPress Plugin Contact Form 7 Multi-Step Addon Malicious Code (1.0.5)

WordPress Plugin Post Duplicator Cross-Site Scripting (2.16)

phpMyFAQ Sensitive Cookie in HTTPS Session Without 'Secure' Attribute Vulnerability (CVE-2023-5866)

Moodle Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2024-48896)

Severity

Medium

Classification

CVE-2013-4192 CWE-20

Tags

Missing Update Known Vulnerabilities