An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4, 4.3.3, 4.3.20, 4 allows attacker to access sensitive information via the RSS feed protlet.
The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Plone | Plone | 4.3 (including) | 4.3 (including) |
| Plone | Plone | 4.3.1 (including) | 4.3.1 (including) |
| Plone | Plone | 4.3.2 (including) | 4.3.2 (including) |
| Plone | Plone | 4.3.3 (including) | 4.3.3 (including) |
| Plone | Plone | 4.3.4 (including) | 4.3.4 (including) |
| Plone | Plone | 4.3.5 (including) | 4.3.5 (including) |
| Plone | Plone | 4.3.6 (including) | 4.3.6 (including) |
| Plone | Plone | 4.3.7 (including) | 4.3.7 (including) |
| Plone | Plone | 4.3.8 (including) | 4.3.8 (including) |
| Plone | Plone | 4.3.9 (including) | 4.3.9 (including) |
| Plone | Plone | 4.3.10 (including) | 4.3.10 (including) |
| Plone | Plone | 4.3.11 (including) | 4.3.11 (including) |
| Plone | Plone | 4.3.12 (including) | 4.3.12 (including) |
| Plone | Plone | 4.3.14 (including) | 4.3.14 (including) |
| Plone | Plone | 4.3.15 (including) | 4.3.15 (including) |
| Plone | Plone | 4.3.17 (including) | 4.3.17 (including) |
| Plone | Plone | 4.3.18 (including) | 4.3.18 (including) |
| Plone | Plone | 4.3.19 (including) | 4.3.19 (including) |
| Plone | Plone | 4.3.20 (including) | 4.3.20 (including) |
| Plone | Plone | 5.0 (including) | 5.0 (including) |
| Plone | Plone | 5.0-rc1 (including) | 5.0-rc1 (including) |
| Plone | Plone | 5.0-rc2 (including) | 5.0-rc2 (including) |
| Plone | Plone | 5.0-rc3 (including) | 5.0-rc3 (including) |
| Plone | Plone | 5.0.1 (including) | 5.0.1 (including) |
| Plone | Plone | 5.0.2 (including) | 5.0.2 (including) |
| Plone | Plone | 5.0.3 (including) | 5.0.3 (including) |
| Plone | Plone | 5.0.4 (including) | 5.0.4 (including) |
| Plone | Plone | 5.0.5 (including) | 5.0.5 (including) |
| Plone | Plone | 5.0.6 (including) | 5.0.6 (including) |
| Plone | Plone | 5.0.7 (including) | 5.0.7 (including) |
| Plone | Plone | 5.0.8 (including) | 5.0.8 (including) |
| Plone | Plone | 5.0.9 (including) | 5.0.9 (including) |
| Plone | Plone | 5.0.10 (including) | 5.0.10 (including) |
| Plone | Plone | 5.1-alpha2 (including) | 5.1-alpha2 (including) |
| Plone | Plone | 5.1.1 (including) | 5.1.1 (including) |
| Plone | Plone | 5.1.2 (including) | 5.1.2 (including) |
| Plone | Plone | 5.1.4 (including) | 5.1.4 (including) |
| Plone | Plone | 5.1.5 (including) | 5.1.5 (including) |
| Plone | Plone | 5.1.6 (including) | 5.1.6 (including) |
| Plone | Plone | 5.1.7 (including) | 5.1.7 (including) |
| Plone | Plone | 5.1a1-alpha1 (including) | 5.1a1-alpha1 (including) |
| Plone | Plone | 5.1a2-beta4 (including) | 5.1a2-beta4 (including) |
| Plone | Plone | 5.1b2-beta3 (including) | 5.1b2-beta3 (including) |
| Plone | Plone | 5.1b3-beta2 (including) | 5.1b3-beta2 (including) |
| Plone | Plone | 5.1b4-rc2 (including) | 5.1b4-rc2 (including) |
| Plone | Plone | 5.1rc1-rc1 (including) | 5.1rc1-rc1 (including) |
| Plone | Plone | 5.1rc2 (including) | 5.1rc2 (including) |
| Plone | Plone | 5.2.0 (including) | 5.2.0 (including) |
| Plone | Plone | 5.2.1 (including) | 5.2.1 (including) |
| Plone | Plone | 5.2.2 (including) | 5.2.2 (including) |
| Plone | Plone | 5.2.3 (including) | 5.2.3 (including) |
| Plone | Plone | 5.2.4 (including) | 5.2.4 (including) |