WEB APPLICATION VULNERABILITIES Standard & Premium

Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7938)

Description

plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level.

Remediation

References

Related Vulnerabilities

WordPress Plugin Product Catalog Privilege Escalation (3.8.1)

OpenSSL NULL Pointer Dereference Vulnerability (CVE-2022-3358)

ownCloud Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-35947)

ATutor Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-1000002)

WordPress Plugin Contact Form Submissions Unspecified Vulnerability (1.6.3)

Severity

High

Classification

CVE-2020-7938 CWE-269 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities