Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
References
Link | Resource |
---|---|
https://www.exploit-db.com/exploits/38411/ | Exploit Third Party Advisory VDB Entry |
https://pypi.python.org/pypi/plone4.csrffixes | Third Party Advisory |
https://plone.org/security/hotfix/20151006 | Vendor Advisory |
http://packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.html | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2017-09-25 14:29
Updated : 2017-10-06 07:05
NVD link : CVE-2015-7293
Mitre link : CVE-2015-7293
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
zope
- zope_management_interface
plone
- plone