Description
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access.
Remediation
References
Related Vulnerabilities
WordPress Plugin NEX-Forms-Ultimate Form builder Multiple SQL Injection Vulnerabilities (4.0)
WordPress Plugin MyBB Cross-Poster Cross-Site Scripting (1.0)
WordPress Plugin Encrypted Blog Multiple Vulnerabilities (0.0.6.2)
Joomla Incorrect Authorization Vulnerability (CVE-2020-11891)
WordPress Plugin Zero BS WordPress CRM Cross-Site Request Forgery (2.99.9)