pysec-2014-64
Vulnerability from pysec
Published
2014-01-21 16:06
Modified
2021-07-25 23:34
Details
The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login.
Aliases
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "plone", "purl": "pkg:pypi/plone" }, "ranges": [ { "events": [ { "introduced": "2.1" }, { "fixed": "4.1.1" }, { "introduced": "4.2" }, { "fixed": "4.2.6" }, { "introduced": "4.3" }, { "fixed": "4.3.2" } ], "type": "ECOSYSTEM" } ], "versions": [ "3.2", "3.2.1", "3.2.2", "3.2.3", "3.2a1", "3.2rc1", "3.3", "3.3.1", "3.3.2", "3.3.3", "3.3.4", "3.3.5", "3.3.6", "3.3b1", "3.3rc1", "3.3rc2", "3.3rc3", "3.3rc4", "3.3rc5", "4.0", "4.0.1", "4.0.10", "4.0.2", "4.0.3", "4.0.4", "4.0.5", "4.0.6", "4.0.7", "4.0.8", "4.0.9", "4.0a1", "4.0a2", "4.0a3", "4.0a4", "4.0a5", "4.0b1", "4.0b2", "4.0b3", "4.0b4", "4.0b5", "4.0rc1", "4.1", "4.1a1", "4.1a2", "4.1a3", "4.1b1", "4.1b2", "4.1rc2", "4.1rc3", "4.2", "4.2.1", "4.2.2", "4.2.3", "4.2.4", "4.2.5", "4.3", "4.3.1" ] } ], "aliases": [ "CVE-2013-4200" ], "details": "The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the \"next\" parameter to acl_users/credentials_cookie_auth/require_login.", "id": "PYSEC-2014-64", "modified": "2021-07-25T23:34:47.517338Z", "published": "2014-01-21T16:06:00Z", "references": [ { "type": "ADVISORY", "url": "http://plone.org/products/plone/security/advisories/20130618-announcement" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2013/08/01/2" }, { "type": "WEB", "url": "http://plone.org/products/plone-hotfix/releases/20130618" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/530787/100/0/threaded" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.