Description

sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.

Remediation

References

CVE-2013-4192

Related Vulnerabilities

Dot CMS Other Vulnerability (CVE-2016-4803)

WordPress Plugin WPtouch 'wptouch_redirect' Parameter URI Redirection (1.9.32)

MySQL CVE-2018-3063 Vulnerability (CVE-2018-3063)

MySQL CVE-2015-0441 Vulnerability (CVE-2015-0441)

WebLogic Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2018-11040)

Severity

Medium

Classification

CVE-2013-4192 CWE-20

Tags

Missing Update Known Vulnerabilities