
Roel Bruggink

Researcher from fourdigits
#30306 of 53,633
8.7 Total CVSS
Vulnerabilities · 1
PT-2014-2332
8.7
2014-09-30
Plone · Plone · CVE-2012-5505
**Name of the Vulnerable Software and Affected Versions**

- Plone versions prior to 4.2.3
- Plone version 4.3 before beta 1

**Description**

The issue allows remote attackers to read private data structures via a request for a view without a name. This is possible due to a flaw in the `atat.py` component.

**Recommendations**

For Plone versions prior to 4.2.3, update to version 4.2.3 or later. For Plone version 4.3 before beta 1, update to beta 1 or later. As a temporary workaround, consider restricting access to the `atat.py` component until a patch is available.