Description

queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection.

Remediation

References

CVE-2012-5498

Related Vulnerabilities

Oracle Database Server CVE-2014-4298 Vulnerability (CVE-2014-4298)

RubyGems Cryptographic Issues Vulnerability (CVE-2012-2126)

XWiki Incomplete Cleanup Vulnerability (CVE-2023-36468)

WordPress Plugin Social Buttons Pack by BestWebSoft Cross-Site Scripting (1.1.0)

WordPress Plugin CataBlog 'category' Parameter Cross-Site Scripting (1.6.2)

Severity

Medium

Classification

CVE-2012-5498 CWE-264

Tags

Missing Update Known Vulnerabilities