PYSEC-2014-30
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2014-30.yaml
- JSON Data
- https://api.test.osv.dev/v1/vulns/PYSEC-2014-30
- Aliases
-
- CVE-2012-5488
- GHSA-cxw7-85xm-3xrc
- Published
- 2014-09-30T14:55:00Z
- Modified
- 2023-11-01T04:44:51.555921Z
- Summary
- [none]
- Details
-
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.
- References
Affected packages
PyPI / plone
Package
- Name
- plone
- View open source insights on deps.dev
- Purl
- pkg:pypi/plone
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.2.3Introduced4.3a0Fixed4.3b1
Affected versions
3.*
3.2a1
3.2rc1
3.2
3.2.1
3.2.2
3.2.3
3.3b1
3.3rc1
3.3rc2
3.3rc3
3.3rc4
3.3rc5
3.3
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
4.*
4.0a1
4.0a2
4.0a3
4.0a4
4.0a5
4.0b1
4.0b2
4.0b3
4.0b4
4.0b5
4.0rc1
4.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.1a1
4.1a2
4.1a3
4.1b1
4.1b2
4.1rc2
4.1rc3
4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.2a1
4.2a2
4.2b1
4.2b2
4.2rc1
4.2rc2
4.2
4.2.1
4.2.2
4.3a1
4.3a2