Description
traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers with administrator privileges to cause a denial of service (infinite loop and resource consumption) via unspecified vectors related to "retrieving information for certain resources."
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2011-3511 Vulnerability (CVE-2011-3511)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2024-1102)
MySQL CVE-2023-22059 Vulnerability (CVE-2023-22059)
WordPress Plugin Watu Quiz Unspecified Vulnerability (2.6)
WordPress Plugin Gallery by BestWebSoft Arbitrary File Disclosure (3.8.3)