Description
queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-12157)
WordPress Improper Input Validation Vulnerability (CVE-2008-2392)
TYPO3 Improper Authentication Vulnerability (CVE-2009-0256)
WordPress Plugin Sermon Browser Multiple Cross-Site Scripting Vulnerabilities (0.45.15)