The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-11-03T22:00:00
Updated: 2014-11-03T21:57:00
Reserved: 2012-10-24T00:00:00
Link: CVE-2012-5500
JSON object: View
NVD Information
Status : Modified
Published: 2014-11-03T22:55:05.663
Modified: 2023-02-13T04:37:09.847
Link: CVE-2012-5500
JSON object: View
Redhat Information
No data.
CWE