CSRF Vulnerability in Plone Batch ID Change Script
CVE-2012-5500 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request.
Learn more about our Web Application Penetration Testing UK.