PYSEC-2014-39
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2014-39.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2014-39
- Aliases
-
- CVE-2012-5497
- GHSA-683w-84m7-p8pw
- Published
- 2014-09-30T14:55:00Z
- Modified
- 2023-11-08T03:57:09.174732Z
- Summary
- [none]
- Details
-
membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL.
- References
Affected packages
PyPI / plone
Package
- Name
- plone
- View open source insights on deps.dev
- Purl
- pkg:pypi/plone
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.2.3Introduced4.3a0Fixed4.3b1
Affected versions
3.*
3.2a1
3.2rc1
3.2
3.2.1
3.2.2
3.2.3
3.3b1
3.3rc1
3.3rc2
3.3rc3
3.3rc4
3.3rc5
3.3
3.3.1
3.3.2
3.3.3
3.3.4
3.3.5
3.3.6
4.*
4.0a1
4.0a2
4.0a3
4.0a4
4.0a5
4.0b1
4.0b2
4.0b3
4.0b4
4.0b5
4.0rc1
4.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.0.9
4.0.10
4.1a1
4.1a2
4.1a3
4.1b1
4.1b2
4.1rc2
4.1rc3
4.1
4.1.1
4.1.2
4.1.3
4.1.4
4.1.5
4.1.6
4.2a1
4.2a2
4.2b1
4.2b2
4.2rc1
4.2rc2
4.2
4.2.1
4.2.2
4.3a1
4.3a2