PYSEC-2020-90
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/plone/PYSEC-2020-90.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2020-90
- Aliases
- Published
- 2020-01-23T21:15:00Z
- Modified
- 2023-11-08T04:04:11.865688Z
- Summary
- [none]
- Details
-
A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission.
- References
Affected packages
PyPI / plone
Package
- Name
- plone
- View open source insights on deps.dev
- Purl
- pkg:pypi/plone
Affected versions
4.*
4.3
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7
4.3.8
4.3.9
4.3.10
4.3.11
4.3.12
4.3.13
4.3.14
4.3.15
4.3.16
4.3.17
4.3.18
4.3.19
4.3.20
5.*
5.0a1
5.0a2
5.0a3
5.0b1
5.0b2
5.0b3
5.0b4
5.0rc1
5.0rc2
5.0rc3
5.0
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.0.6
5.0.7
5.0.8
5.0.9
5.0.10
5.1a1
5.1a2
5.1b1
5.1b2
5.1b3
5.1b4
5.1rc1
5.1rc2
5.1.0
5.1.1
5.1.2
5.1.3
5.1.4
5.1.5
5.1.6
5.1.7
5.2a1
5.2a2
5.2b1
5.2rc1
5.2rc2
5.2rc3
5.2rc4
5.2rc5
5.2.0
5.2.1