Lucene search
MitreCVELIST:CVE-2020-28736HistoryDec 30, 2020 - 6:40 p.m.
CVE-2020-28736
2020-12-3018:40:52
mitre
www.cve.org
Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata (therefore, only available to the Manager role).
Related
cve
cve
CVE-2020-28736
2020-12-30 19:15:13
osv
osv
CVE-2020-28736
2020-12-30 19:15:13
PYSEC-2020-248
2020-12-30 19:15:00
Improper Restriction of XML External Entity Reference in Plone
2021-04-07 21:14:00
nvd
nvd
CVE-2020-28736
2020-12-30 19:15:13
github
github
Improper Restriction of XML External Entity Reference in Plone
2021-04-07 21:14:00
prion
prion
Design/Logic Flaw
2020-12-30 19:15:00
veracode
veracode
XML External Entity (XXE)
2021-01-01 06:46:28
openvas
openvas
Plone CMS < 5.2.3 Multiple Vulnerabilities
2021-01-15 00:00:00