Plone CMS Improper Input Validation Vulnerability (CVE-2013-4197)

Description

member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.

Remediation

References

CVE-2013-4197

Related Vulnerabilities

WordPress Plugin Product Reviews Import Export for WooCommerce Cross-Site Request Forgery (1.3.2)

WordPress Plugin Zoho CRM Lead Magnet Unspecified Vulnerability (1.7.2.9)

Play Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3630)

WordPress Plugin Rich Counter Cross-Site Scripting (1.1.5)

Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745)

Severity

Medium

Classification

CVE-2013-4197 CWE-20