Red Hat Bugzilla – Bug 978449
CVE-2013-4188 plone: DoS (infinite loop) by administrator privilege users when retrieving information for certain resources (traverser.py)
Last modified: 2015-08-22 01:56:03 EDT
A denial of service flaw was found in the way Plone, a user-friendly and powerful content management system, performed particular resource-related information retrieval in certain cases (request interaction with internal traversal machinery). A remote attacker, having administrator privilege to a certain subset of Plone action screens / functionality, could use this flaw to cause uncontrolled resource consumption (infinite loop) by issuing a specially-crafted request.
The CVE identifier of CVE-2013-4188 has been assigned to this issue:
Created plone tracking bugs for this issue:
Affects: epel-5 [bug 991015]