EPSS
Percentile
35.3%
Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file.
www.openwall.com/lists/oss-security/2021/05/22/1
github.com/advisories/GHSA-4mg4-wvmx-5332
plone.org/security/hotfix/20210518/server-side-request-forgery-via-event-ical-url