Description

plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level.

Remediation

References

CVE-2020-7938

Related Vulnerabilities

Dot CMS Uncontrolled Recursion Vulnerability (CVE-2022-37034)

WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.2.0)

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-21967)

PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-0207)

WordPress Plugin Featurific For WordPress 'snum' Parameter Cross-Site Scripting (1.6.2)

Severity

High

Classification

CVE-2020-7938 CWE-269 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities