Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Plone 多个开放重定向漏洞
Vulnerability Description
Plone是美国Plone基金会的一套建立在应用服务器(Zope)上的免费且开源的内容管理系统(CMS)。该系统采用Python语言开发,适用于门户网站、企业内外网站、文档发布系统等。 Plone中的marmoset_patch.py,publish.py及principiaredirect.py文件中存在开放重定向漏洞。远程攻击者可利用该漏洞重定向用户到任意网站,实施钓鱼攻击。以下版本受到影响:Plone 2.1至4.1版本,4.2.x至4.2.5版本,4.3.x至4.3.1版本。
CVSS Information
N/A
Vulnerability Type
N/A