PYSEC-2020-87

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2020-87.yaml

Aliases

• CVE-2020-7938
• GHSA-cjg3-q24h-9qwf

Published

2020-01-23T21:15:00Z

Modified

2023-11-08T04:04:11.682563Z

Details

plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level.

References

• https://plone.org/security/hotfix/20200121
• https://plone.org/security/hotfix/20200121/privilege-escalation-when-plone-restapi-is-installed
• https://www.openwall.com/lists/oss-security/2020/01/22/1
• http://www.openwall.com/lists/oss-security/2020/01/24/1