Template Injection Vulnerability in Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1

Template Injection Vulnerability in Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1

CVE-2016-4043 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Chameleon (five.pt) in Plone 5.0rc1 through 5.1a1 allows remote authenticated users to bypass Restricted Python by leveraging permissions to create or edit templates.

Learn more about our User Device Pen Test.