VYPR
Moderate severityNVD Advisory· Published Jan 23, 2020· Updated Aug 4, 2024

CVE-2020-7936

CVE-2020-7936

Description

An open redirect on the login form (and possibly other places) in Plone 4.0 through 5.2.1 allows an attacker to craft a link to a Plone Site that, when followed, and possibly after login, will redirect to an attacker's site.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
PlonePyPI
>= 4.0, < 4.3.204.3.20
PlonePyPI
>= 5.0rc1, < 5.1.75.1.7
PlonePyPI
>= 5.2.0, < 5.2.25.2.2

Affected products

2
  • Plone/Plonedescription
  • ghsa-coords
    Range: >= 4.0, < 4.3.20

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.