Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-23756

The HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 (5221), allowing unauthenticated attackers to execute dangerous actions such as uploading files to the server or deleting them.

  • Published: Feb 8, 2024
  • Updated: Feb 16, 2024
  • CVE: CVE-2024-23756
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

No CWE or OWASP classifications available.

Software From Fixed in
plone / plone 5.2.13 5.2.13.x