CVE-2016-7137

Name of the Vulnerable Software and Affected Versions Plone CMS versions 3.3.x through 3.3.6 Plone CMS versions 4.x through 4.3.11 Plone CMS versions 5.x through 5.0.6

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. This can be achieved via a URL in the referer parameter to specific endpoints, such as %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions or folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions, or the came from parameter to the /login form endpoint.

Recommendations For Plone CMS versions 3.3.x through 3.3.6, update to a version outside of this range to mitigate the risk. For Plone CMS versions 4.x through 4.3.11, update to a version outside of this range to mitigate the risk. For Plone CMS versions 5.x through 5.0.6, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting access to the vulnerable endpoints, such as %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions and folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions, and avoid using the came from parameter in the /login form endpoint until a patch is available.