Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2013-4200

The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login.

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
plone / plone 3.3 3.3.x
plone / plone 4.0.5 4.0.5.x
plone / plone 3.0.1 3.0.1.x
plone / plone 3.0 3.0.x
plone / plone 3.2.3 3.2.3.x
plone / plone 3.1.4 3.1.4.x
plone / plone 3.1.5.1 3.1.5.1.x
plone / plone 2.1.4 2.1.4.x
plone / plone 4.0.2 4.0.2.x
plone / plone 3.3.5 3.3.5.x
plone / plone 3.0.6 3.0.6.x
plone / plone 3.2 3.2.x
plone / plone 3.1.1 3.1.1.x
plone / plone 2.1.1 2.1.1.x
plone / plone 3.3.4 3.3.4.x
plone / plone 3.3.2 3.3.2.x
plone / plone 4.0.4 4.0.4.x
plone / plone 3.1.7 3.1.7.x
plone / plone 4.1 4.1.x
plone / plone 3.2.2 3.2.2.x
plone / plone 2.1.2 2.1.2.x
plone / plone 3.0.3 3.0.3.x
plone / plone 3.3.1 3.3.1.x
plone / plone 3.0.4 3.0.4.x
plone / plone 3.1.2 3.1.2.x
plone / plone 3.2.1 3.2.1.x
plone / plone 4.0 4.0.x
plone / plone 3.0.5 3.0.5.x
plone / plone 4.0.6.1 4.0.6.1.x
plone / plone 4.0.1 4.0.1.x
plone / plone 3.0.2 3.0.2.x
plone / plone 2.1 2.1.x
plone / plone 3.1 3.1.x
plone / plone 3.3.3 3.3.3.x
plone / plone 2.1.3 2.1.3.x
plone / plone 3.1.6 3.1.6.x
plone / plone 3.1.3 3.1.3.x
plone / plone 4.0.3 4.0.3.x
plone / plone 4.2.3 4.2.3.x
plone / plone 4.3 4.3.x
plone / plone 4.2.2 4.2.2.x
plone / plone 4.2.5 4.2.5.x
plone / plone 4.3.1 4.3.1.x
plone / plone 4.2.4 4.2.4.x
plone / plone 4.2 4.2.x
plone / plone 4.2.1 4.2.1.x
plone - 4.1.1
plone 4.2.0 4.2.6
plone 4.3.0 4.3.2