Improper Access Restriction in Plone Object Manager Implementation

Improper Access Restriction in Plone Object Manager Implementation

CVE-2013-4196 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request.

Learn more about our Internal Network Penetration Testing.