Description
Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates.
Remediation
References
Related Vulnerabilities
WordPress Plugin Sticky Related Posts Cross-Site Scripting (1.0)
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-9451)
Joomla CVE-2012-0821 Vulnerability (CVE-2012-0821)
WordPress Plugin Revive Old Post-Auto Post to Social Media 'cat' Parameter SQL Injection (3.2.5)