Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T00:09:18.479Z
Reserved: 2011-11-17T00:00:00
Link: CVE-2011-4462

No data.

Status : Modified
Published: 2011-12-30T01:55:01.377
Modified: 2024-11-21T01:32:24.550
Link: CVE-2011-4462
