Description
The PlonePAS product 3.x before 3.9 and 3.2.x before 3.2.2, a product for Plone, does not properly handle the login form, which allows remote authenticated users to acquire the identity of an arbitrary user via unspecified vectors.
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21323 Vulnerability (CVE-2022-21323)
Oracle JRE CVE-2013-5806 Vulnerability (CVE-2013-5806)
WordPress Plugin Package Quantity Discount Security Bypass (1.1.2)
CakePHP Improper Input Validation Vulnerability (CVE-2010-4335)
WordPress Plugin WordPress Landing Pages Unspecified Vulnerability (2.2.6)