CVE-2012-5486 in Plone and Zope Products
Published on September 30, 2014

ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.

Vendor Advisory NVD

Products Associated with CVE-2012-5486

stack.watch emails you whenever new vulnerabilities are published in Plone or Zope. Just hit a watch button to start following.

Plone

Zope

Exploit Probability

EPSS

0.82%

Percentile

74.22%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2012-5486 in Plone and Zope ProductsPublished on September 30, 2014

Products Associated with CVE-2012-5486

Exploit Probability

CVE-2012-5486 in Plone and Zope Products
Published on September 30, 2014