A file system path exposure flaw was found in the way Plone, a user friendly and powerful content management system, used to present certain error messages in the wysiwyg component. A remote attacker could provide a specially-crafted URL that, when processed would lead to exposure of file system path (for the selected component) of the Plone instance.
The CVE identifier of CVE-2013-4194 has been assigned to this issue:
Created plone tracking bugs for this issue:
Affects: epel-5 [bug 991015]