CVE-2011-2528

First published: Mon Jul 04 2011(Updated: )

It was reported [1] that Plone suffers from a vulnerability that can be exploited to bypass certain security restrictions. This is due to a vulnerable bundled version of Zope. Plone 3.x users that backported the fix for <a href="https://access.redhat.com/security/cve/CVE-2011-0720">CVE-2011-0720</a> (PloneHotfix20110720) are affected due to the vulnerability being inadvertently backported via the hotfix. A new hotfix (20110622) is available [2] to correct the flaw. [1] <a href="http://plone.org/products/plone/security/advisories/20110622">http://plone.org/products/plone/security/advisories/20110622</a> [2] <a href="http://plone.org/products/plone-hotfix/releases/20110622">http://plone.org/products/plone-hotfix/releases/20110622</a>

Credit: secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-historical
• collector/nvd-index
• agent/type
• agent/remedy
• agent/first-publish-date
• collector/mitre-cve
• source/MITRE
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2011-2528
• agent/severity
• agent/weakness
• agent/author
• agent/description
• collector/github-advisory-latest
• source/GitHub
• alias/GHSA-p6h9-hpcg-c6gm
• agent/software-canonical-lookup
• agent/last-modified-date
• agent/references
• agent/tags
• agent/softwarecombine
• agent/event
• vendor/zope
• canonical/zope zope
• version/zope zope/2.12.0-a2
• version/zope zope/2.12.11
• version/zope zope/2.12.9
• version/zope zope/2.12.8
• vendor/plone
• canonical/plone plone
• version/plone plone/4.0.5
• version/zope zope/2.13.0-a3
• version/zope zope/2.12.16
• version/zope zope/2.13.0-c1
• version/zope zope/2.12.10
• version/zope zope/2.12.3
• version/zope zope/2.12.12
• version/plone plone/4.0.2
• version/zope zope/2.13.0-b1
• version/zope zope/2.13.0
• version/zope zope/2.12.17
• version/zope zope/2.12.14
• version/zope zope/2.12.15
• version/plone plone/4.0.8
• version/zope zope/2.12.0
• version/plone plone/4.0.7
• version/plone plone/4.0.4
• version/zope zope/2.12.0-b1
• version/zope zope/2.12.5
• version/zope zope/2.12.0-a4
• version/zope zope/2.12.0-a1
• version/zope zope/2.13.7
• version/plone plone/4.1
• version/zope zope/2.12.18
• version/zope zope/2.13.2
• version/zope zope/2.13.4
• version/zope zope/2.13.1
• version/zope zope/2.12.6
• version/zope zope/2.12.2
• version/zope zope/2.13.0-a2
• version/zope zope/2.12.0-b2
• version/plone plone/4.0
• version/plone plone/4.0.6.1
• version/zope zope/2.12.0-a3
• version/zope zope/2.13.0-a1
• version/zope zope/2.12.0-b3
• version/zope zope/2.13.3
• version/zope zope/2.13.5
• version/zope zope/2.12.7
• version/zope zope/2.13.0-a4
• version/plone plone/4.0.1
• version/zope zope/2.12.4
• version/zope zope/2.13.6
• version/zope zope/2.12.0-b4
• version/plone plone/4.0.3
• version/zope zope/2.12.1
• version/zope zope/2.12.13
• canonical/plone plone hotfix 20110720
• version/plone plone/3.0
• version/plone plone/3.0.1
• version/plone plone/3.0.2
• version/plone plone/3.0.3
• version/plone plone/3.0.4
• version/plone plone/3.0.5
• version/plone plone/3.0.6
• version/plone plone/3.1
• version/plone plone/3.1.1
• version/plone plone/3.1.2
• version/plone plone/3.1.3
• version/plone plone/3.1.4
• version/plone plone/3.1.5.1
• version/plone plone/3.1.6
• version/plone plone/3.1.7
• version/plone plone/3.2
• version/plone plone/3.2.1
• version/plone plone/3.2.2
• version/plone plone/3.2.3
• version/plone plone/3.3
• version/plone plone/3.3.1
• version/plone plone/3.3.2
• version/plone plone/3.3.3
• version/plone plone/3.3.4
• version/plone plone/3.3.5
• version/plone plone/3.3.6
• package-manager/pip