Description
sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2019-2827 Vulnerability (CVE-2019-2827)
WordPress Plugin xPinner Lite Multiple Vulnerabilities (2.2)
MySQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-1626)
WordPress Plugin AgentPress Broker Listings Cross-Site Scripting (1.0)
phpMyAdmin Improper Authentication Vulnerability (CVE-2022-23807)