Description

member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.

Remediation

References

CVE-2013-4197

Related Vulnerabilities

WordPress Plugin Slider Hero with Animation, Video Background SQL Injection (8.2.6)

WordPress Plugin WPS Bidouille Multiple Vulnerabilities (1.12.2)

WordPress Plugin Mobile App Native (Make a mobile app-Native iPhone & Android Mobile App FREE) Arbitrary File Upload (3.0)

WordPress Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-3590)

TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098)

Severity

Medium

Classification

CVE-2013-4197 CWE-20

Tags

Missing Update Known Vulnerabilities