High severity8.8NVD Advisory· Published Sep 25, 2017· Updated May 13, 2026
CVE-2015-7293
CVE-2015-7293
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
PlonePyPI | < 5.0a1 | 5.0a1 |
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.htmlnvdExploitThird Party AdvisoryVDB EntryWEB
- www.exploit-db.com/exploits/38411/nvdExploitThird Party AdvisoryVDB Entry
- github.com/advisories/GHSA-p3qm-44cf-f8qxghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-7293ghsaADVISORY
- plone.org/security/hotfix/20151006nvdVendor AdvisoryWEB
- pypi.python.org/pypi/plone4.csrffixesnvdThird Party AdvisoryWEB
- hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txtghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-51.yamlghsaWEB
- www.exploit-db.com/exploits/38411ghsaWEB
News mentions
0No linked articles in our index yet.