A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Plone | Plone | 4.3.0 (including) | 5.2.1 (including) |