Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.
Max CVSS
7.5
EPSS Score
2.13%
Published
2007-11-07
Updated
2018-10-15
1 vulnerabilities found