CVE-2012-5497 in Ploneinfo

Summary

membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

10/24/2012

Disclosure

09/30/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
71679Plone User Account information disclosure200Not definedOfficial fixCVE-2012-5497

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!