CVE-2012-5491
N/A
N/A
Summary
z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
- http://www.openwall.com/lists/oss-security/2012/11/10/1
- https://plone.org/products/plone/security/advisories/20121106/07
- https://plone.org/products/plone-hotfix/releases/20121106
References
- https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
- http://www.openwall.com/lists/oss-security/2012/11/10/1
- https://plone.org/products/plone/security/advisories/20121106/07
- https://plone.org/products/plone-hotfix/releases/20121106
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.