plone.restapi in Plone 5.2.0 up to and including 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level.
We have received CVE numbers from mitreorg Thanks See inline below
On 21/01/2020 23:49, Maurits van Rees wrote:
CVE-2020-7938
CVE-2020-7936
CVE-2020-7940
CVE-2020-7941
CVE-2020-7939
CVE-2020-7937
--
Maurits van Rees mauritsvanreesorg/ ...