Moderate severityNVD Advisory· Published Mar 5, 2024· Updated Oct 31, 2024
CVE-2024-22889
CVE-2024-22889
Description
Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
PlonePyPI | <= 6.0.9 | — |
Affected products
1Patches
Vulnerability mechanics
References
2- github.com/advisories/GHSA-xg5p-8wg5-rhxmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-22889ghsaADVISORY
News mentions
0No linked articles in our index yet.