What is the vulnerability CVE-2021-29002?

The vulnerability CVE-2021-29002 is a stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3.

How does the vulnerability CVE-2021-29002 occur?

The vulnerability CVE-2021-29002 occurs in the site-controlpanel via the "form.widgets.site_title" parameter.

What is the severity level of vulnerability CVE-2021-29002?

The severity level of vulnerability CVE-2021-29002 is medium (5.4).

How can I fix the vulnerability CVE-2021-29002 in Plone CMS 5.2.3?

To fix the vulnerability CVE-2021-29002 in Plone CMS 5.2.3, apply the necessary patches or updates provided by Plone or the vendor.

Is there any additional information or references available for vulnerability CVE-2021-29002?

Yes, you can find additional information and references for vulnerability CVE-2021-29002 in the following sources: [GitHub](https://github.com/plone/Products.CMFPlone/issues/3255), [Exploit DB](https://www.exploit-db.com/exploits/49668).

Vulnerability/
CVE-2021-29002

medium

5.4

CWE

24/3/2021

24/5/2022

22/11/2024

CVE-2021-29002: XSS

First published: Wed Mar 24 2021(Updated: )

A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 exists in site-controlpanel via the "form.widgets.site_title" parameter.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Plone Plone	=5.2.3
pip/plone	<=5.2.3
	=5.2.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability CVE-2021-29002?
The vulnerability CVE-2021-29002 is a stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3.
How does the vulnerability CVE-2021-29002 occur?
The vulnerability CVE-2021-29002 occurs in the site-controlpanel via the "form.widgets.site_title" parameter.
What is the severity level of vulnerability CVE-2021-29002?
The severity level of vulnerability CVE-2021-29002 is medium (5.4).
How can I fix the vulnerability CVE-2021-29002 in Plone CMS 5.2.3?
To fix the vulnerability CVE-2021-29002 in Plone CMS 5.2.3, apply the necessary patches or updates provided by Plone or the vendor.
Is there any additional information or references available for vulnerability CVE-2021-29002?
Yes, you can find additional information and references for vulnerability CVE-2021-29002 in the following sources: [GitHub](https://github.com/plone/Products.CMFPlone/issues/3255), [Exploit DB](https://www.exploit-db.com/exploits/49668).

collector/nvd-index
agent/type
agent/references
agent/severity
agent/weakness
agent/description
agent/author
agent/softwarecombine
collector/nvd-cve
source/NVD
agent/software-canonical-lookup
collector/github-advisory
source/GitHub
alias/GHSA-38g6-x6jv-jwff
alias/CVE-2021-29002
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/event
agent/first-publish-date
collector/github-advisory-latest
vendor/plone
canonical/plone plone
version/plone plone/5.2.3
package-manager/pip

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.