CVE-2016-4043

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-4043

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-4043.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-4043

Aliases

Published

2017-02-24T20:59:00.360Z

Modified

2026-02-12T23:56:35.659881Z

Severity

4.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates.

References

Affected packages

Git / github.com/plone/plone

Affected ranges

Type: GIT
Repo: https://github.com/plone/plone
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

c4244a4887e0901a1c17b3ee60e1cfbe19ee46c5

Affected versions

4.*

4.1.0

4.1a1

4.1a2

4.1a3

4.1b1

4.1b2

4.1rc1

4.1rc2

4.1rc3

4.2a1

4.2a2

4.2b1

4.2b2

4.2rc1

4.3

4.3.1

4.3a1

4.3a2

4.3b1

4.3b2

5.*

5.0

5.0a2

5.0a3

5.0b1

5.0b3

5.0b4

5.0rc1

5.0rc2

5.0rc3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-4043.json"