Description
Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Geo-CF Geo Cross-Site Scripting (7.13.11)
MySQL CVE-2020-14873 Vulnerability (CVE-2020-14873)
phpMyAdmin CVE-2016-6633 Vulnerability (CVE-2016-6633)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-0796)
WordPress Plugin Visual CSS Style Editor Security Bypass (7.1.9)