Plone · Plone · CVE-2012-5506
**Name of the Vulnerable Software and Affected Versions**
Plone versions prior to 4.2.3
Plone versions 4.3 before beta 1
**Description**
The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, by sending an RSS feed request for a folder that the user does not have permission to access.
**Recommendations**
For Plone versions prior to 4.2.3, update to version 4.2.3 or later.
For Plone versions 4.3 before beta 1, update to beta 1 or later.