CVE-2013-4195

Plone 2.1-4.1, 4.2-4.2.5, 4.3-4.3.1 - Open Redirect via marmoset_patch.py, publish.py, and principiaredirect.py

Title source: llm
STIX 2.1

Description

Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

References (4)

Core 4
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=978471
Mailing List mailing-list x_refsource_mlist
http://seclists.org/oss-sec/2013/q3/261

Scores

EPSS 0.0119
EPSS Percentile 64.3%

Details

CWE
CWE-20
Status published
Products (50)
plone/plone 2.1
plone/plone 2.1.1
plone/plone 2.1.2
plone/plone 2.1.3
plone/plone 2.1.4
plone/plone 2.5
plone/plone 2.5.1
plone/plone 2.5.2
plone/plone 2.5.3
plone/plone 2.5.4
... and 40 more
Published Mar 11, 2014
Tracked Since Feb 18, 2026