Description

sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.

Remediation

References

CVE-2013-4192

Related Vulnerabilities

WordPress Plugin CM Footnotes Cross-Site Scripting (1.1.4)

WordPress Plugin BuddyPress PHP Object Injection (2.0.2)

WordPress 3.7.x Possible SQL Injection Vulnerability (3.7 - 3.7.22)

WordPress Plugin WP VR-360 Panorama and Virtual Tour Builder For WordPress Cross-Site Request Forgery (8.2.7)

WordPress Plugin WP Fastest Cache Multiple Vulnerabilities (0.9.4)

Severity

Medium

Classification

CVE-2013-4192 CWE-20

Tags

Missing Update Known Vulnerabilities