Description

Unspecified vulnerability in (1) Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and (2) PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-0720.

Remediation

References

CVE-2011-2528

Related Vulnerabilities

Magento CVE-2022-34259 Vulnerability (CVE-2022-34259)

Ember.js Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-0013)

Oracle JRE CVE-2020-2830 Vulnerability (CVE-2020-2830)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-6263)

Elgg Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2021-3964)

Severity

High

Classification

CVE-2011-2528

Tags

Missing Update Known Vulnerabilities