CVE-2011-0720

high

Description

Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.

References

http://osvdb.org/70753

http://plone.org/products/plone/security/advisories/cve-2011-0720

http://secunia.com/advisories/43146

http://secunia.com/advisories/43914

http://www.redhat.com/support/errata/RHSA-2011-0393.html

http://www.redhat.com/support/errata/RHSA-2011-0394.html

http://www.securityfocus.com/bid/46102

http://www.securitytracker.com/id?1025258

http://www.vupen.com/english/advisories/2011/0796

https://exchange.xforce.ibmcloud.com/vulnerabilities/65099

Details

Source: MITRE

Published: 2011-02-03

Updated: 2017-08-17

Type: NVD-CWE-noinfo

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH