cbcvebase.
CVE-2012-5493
published 2014-09-30

CVE-2012-5493: gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute…

PriorityP346high8.5CVSS 2.0
AVNACMAuSCCICAC
EPSS
1.70%
74.3th percentile
gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.

Affected

68 ranges· showing 25
VendorProductVersion rangeFixed in
ploneplone<= 4.2.2
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone
ploneplone

CVSS provenance

nvdv2.08.5HIGHAV:N/AC:M/Au:S/C:C/I:C/A:C
vendor_redhat8.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.