Description

Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Remediation

References

CVE-2013-4195

Related Vulnerabilities

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9855)

WordPress Plugin Interactive SVG Image Map Builder Cross-Site Scripting (1.0)

WordPress Plugin WP SVG Icons Multiple Unspecified Vulnerabilities (3.1.8.1)

SharePoint CVE-2021-34519 Vulnerability (CVE-2021-34519)

Joomla! Core 3.x.x Security Bypass (3.8.8 - 3.9.16)

Severity

Medium

Classification

CVE-2013-4195 CWE-20

Tags

Missing Update Known Vulnerabilities