Filter
Software
pip/PloneDue to incorrect access control in Plone version v6.0.9, remote attackers can view and list all file…
7.5
First published (updated )
Plone PloneThe HTTP PUT and DELETE methods are enabled in the Plone official Docker version 5.2.13 (5221), allo…
7.5
EPSS
0.05%
First published (updated )
Plone Plone Docker Official ImageAn issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remo…
9.8
EPSS
0.39%
First published (updated )
Plone Plone Docker Official ImageAn issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code ex…
6.1
EPSS
0.13%
First published (updated )
pip/PloneCross-Frame Scripting (XFS) on Plone CMS
7.1
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Plone Restplone.rest vulnerable to Denial of Service when ++api++ is used many times
7.5
First published (updated )
Plone Namedfileplone.namedfile vulnerable to Stored Cross Site Scripting with SVG images
5.4
First published (updated )
Plone PloneCross-site Scripting and Open Redirect in Products.ATContentTypes
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Plone IsurlinportalURL Redirection to Untrusted Site ('Open Redirect') in Products.isurlinportal
6.5
First published (updated )
Plone PlonePlone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arg…
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Plone PloneRemote Code Execution via traversal in TAL expressions
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Plone PloneExposure of Sensitive Information to an Unauthorized Actor in Products.PluggableAuthService ZODBRoleManager
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Plone PloneThe official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank p…
10
First published (updated )
Plone PloneAn open redirect on the login form (and possibly other places) in Plone 4.0 through 5.2.1 allows an …
6.1
First published (updated )
pip/plone.restapiplone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate t…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.