Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.

Remediation

References

CVE-2015-7293

Related Vulnerabilities

WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Multiple Vulnerabilities (1.17.1)

WordPress Plugin WP-DBManager 'wp-config.php' Arbitrary File Download (2.60)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-26039)

WordPress Plugin Popup Maker-Popup for opt-ins, lead gen, & more Cross-Site Scripting (1.16.4)

Jenkins Incorrect Authorization Vulnerability (CVE-2021-21670)

Severity

High

Classification

CVE-2015-7293 CWE-352 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities