PYSEC-2014-59

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2014-59.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2014-59

Aliases

CVE-2013-4195
GHSA-j67j-8hrp-76xm

Published

2014-03-11T19:37:00Z

Modified

2023-11-08T03:57:20.735708Z

Summary

[none]

Details

Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

References

Affected packages

PyPI / plone

Package

Name: plone; View open source insights on deps.dev
Purl: pkg:pypi/plone

Affected ranges

Type: ECOSYSTEM
Events: Introduced

2.1

Fixed

4.1.1

Introduced

4.2

Fixed

4.2.6

Introduced

4.3

Fixed

4.3.2

Affected versions

3.*

3.2a1

3.2rc1

3.2

3.2.1

3.2.2

3.2.3

3.3b1

3.3rc1

3.3rc2

3.3rc3

3.3rc4

3.3rc5

3.3

3.3.1

3.3.2

3.3.3

3.3.4

3.3.5

3.3.6

4.*

4.0a1

4.0a2

4.0a3

4.0a4

4.0a5

4.0b1

4.0b2

4.0b3

4.0b4

4.0b5

4.0rc1

4.0

4.0.1

4.0.2

4.0.3

4.0.4

4.0.5

4.0.6

4.0.7

4.0.8

4.0.9

4.0.10

4.1a1

4.1a2

4.1a3

4.1b1

4.1b2

4.1rc2

4.1rc3

4.1

4.2

4.2.1

4.2.2

4.2.3

4.2.4

4.2.5

4.3

4.3.1

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2014-59.yaml"