User Portrait Manipulation Vulnerability in Plone

User Portrait Manipulation Vulnerability in Plone

CVE-2013-4197 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.

Learn more about our User Device Pen Test.