Chameleon (five.pt) in Plone 5.0rc1 up to and including 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
plone plone 5.0 |
||
plone plone 5.0.2 |
||
plone plone 5.0.3 |
||
plone plone 5.0.4 |
||
plone plone 5.1a1 |
||
plone plone 5.0.1 |