Vulnerability DatabaseCVE-2017-1000481
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2017-1000481
January 03, 2018
When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login, you get redirected to the page you tried to view before. An attacker might try to abuse this by letting you click on a specially crafted link. You would login, and get redirected to the site of the attacker, letting you think that you are still on the original Plone site. Or some javascript of the attacker could be executed. Most of these types of attacks are already blocked by Plone, using the `isURLInPortal` check to make sure we only redirect to a page on the same Plone site. But a few more ways of tricking Plone into accepting a malicious link were discovered, and fixed with this hotfix.
Affected Packages
plone (PYTHON):
Affected version(s) >=3.2a1 <4.3.16
Fix Suggestion:
Update to version 4.3.16
plone (PYTHON):
Affected version(s) >=5.0 <5.1.0
Fix Suggestion:
Update to version 5.1.0
products.cmfplone (PYTHON):
Affected version(s) >=5.1a1 <5.1.0
Fix Suggestion:
Update to version 5.1.0
products.cmfplone (PYTHON):
Affected version(s) >=4.0b1 <4.3.17
Fix Suggestion:
Update to version 4.3.17
products.cmfplone (PYTHON):
Affected version(s) >=5.0 <5.0.10
Fix Suggestion:
Update to version 5.0.10
Related ResourcesĀ (14)
https://github.com/plone/Products.CMFPlone/pull/2233
https://access.redhat.com/security/cve/CVE-2017-1000481
https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
https://nvd.nist.gov/vuln/detail/CVE-2017-1000481
https://plone.org/security/hotfix/20171128/open-redirection-on-login-form
https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
https://github.com/plone/Products.CMFPlone/issues/2232
https://github.com/plone/Products.CMFPlone/pull/2235
https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
https://github.com/plone/Products.CMFPlone/pull/2234
https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-70.yaml
https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
https://github.com/plone/Products.CMFPlone/pull/2236
https://github.com/plone/Products.CMFPlone
Do you need more information?
Contact Us
CVSS v4
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
NONE
Subsequent System Confidentiality
LOW
Subsequent System Integrity
LOW
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE
CVSS v2
Base Score:
5.8
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
Weakness Type (CWE)
URL Redirection to Untrusted Site ('Open Redirect')
CWE-601
EPSS
Base Score:
0.20