Description
(1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed).
Remediation
References