CVE-2015-7317: Privilege escalation

September 25, 2017 (updated October 6, 2017)

An incorrect kupu security declaration would allow any authenticated user to edit kupu settings.

References

plone.org/security/20150910/
plone.org/security/20150910/privilege-escalation-in-kupu
pypi.python.org/pypi/Products.PloneHotfix20150910

Detect and mitigate CVE-2015-7317 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →