Improper Access Restriction in Plone Object Manager Implementation
CVE-2013-4196 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request.
Learn more about our Internal Network Penetration Testing.