Description
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation.
Remediation
References
Related Vulnerabilities
WordPress Plugin BA Book Everything Cross-Site Scripting (1.3.24)
WordPress Plugin Acurax On Click Pop Under Multiple Unspecified Vulnerabilities (2.2.1)
Squid Data Processing Errors Vulnerability (CVE-2014-7141)
Python Unchecked Return Value Vulnerability (CVE-2021-4189)
OpenSSL Resource Management Errors Vulnerability (CVE-2015-1788)