Plone — CWE-770
All Frameworks
›
Plone
›
CWE-770
1 CVEs categorized as
CWE-770 — Allocation of Resources Without Limits or Throttling
in
Plone
.
CVE-2023-42457
HIGH
2023
plone.rest allows users to use HTTP verbs such as GET, POST, PUT, DELETE, etc. in Plone. Starting in the 2.x branch and prior to versions 2.0.1 and 3.0.1, when the `++api++` traverser is accidentally used multiple times in a url, handling it takes increasingly longer, making the server less responsi…