Description

Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method.

Remediation

References

CVE-2017-5524

Related Vulnerabilities

SharePoint CVE-2022-30157 Vulnerability (CVE-2022-30157)

WordPress Plugin SiteGround Security Security Bypass (1.2.5)

concrete5 Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-22958)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-0541)

WordPress Plugin Drag and Drop Multiple File Upload-Contact Form 7 Security Bypass (1.3.6.4)

Severity

Medium

Classification

CVE-2017-5524 CWE-134 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities