Description
Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sidekick Multiple Unspecified Vulnerabilities (2.2.1)
PrestaShop Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3796)
WordPress Plugin Slider Revolution Responsive Arbitrary File Upload (3.0.95)
WordPress Plugin FCChat Widget 'path' Parameter Cross-Site Scripting (2.1.7)