77 matches found

RedhatCVE
added 2026/03/07 1:44 a.m. | 7 views

CVE-2026-28413

Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...

CVSS 6.1 | AI score 5.7 | EPSS 0.00227
Exploits: 0 | References: 1

NVD
added 2026/03/05 9:16 p.m. | 10 views

CVE-2026-28413

Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...

CVSS 6.1 | EPSS 0.00227
Exploits: 0 | References: 1

OSV
added 2026/03/05 8:16 p.m. | 6 views

CVE-2026-28413 Products.isurlinportal: Possible open redirect when using more than 2 forward slashes

Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...

CVSS 5.3 | AI score 5.7 | EPSS 0.00227
Exploits: 0 | References: 3

Tenable Nessus
added 2026/03/04 12:0 a.m. | 5 views

Plone Python Library Multiple Vulnerabilities (20230921)

The detected version of the Plone Python package, plone, is prior to version 5.2.14 or 6.x prior to 6.0.7. It is, therefore, affected by the following vulnerabilities: - Multiple stored cross-site scripting vulnerabilities exist when handling SVG images. An authenticated, remote attacker can...

CVSS 7.5 | AI score 6.1 | EPSS 0.00822
Exploits: 1 | References: 4

RedhatCVE
added 2026/01/09 11:28 a.m. | 9 views

CVE-2021-33512

Plone through 5.2.4 allows stored XSS attacks by a Contributor by uploading an SVG or HTML document...

CVSS 5.4 | AI score 5.6 | EPSS 0.0069
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 11:27 a.m. | 5 views

CVE-2021-33509

Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script...

CVSS 9.9 | AI score 6.5 | EPSS 0.0204
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2021-0187

Malware in sbrugna...

CVSS 5.4 | AI score 5.4 | EPSS 0.00536
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2011-0018

Malware in sbrugna...

CVSS 7.5 | AI score 6 | EPSS 0.03171
Exploits: 0 | References: 23

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2014-0061

Malware in sbrugna...

CVSS 5 | AI score 6.3 | EPSS 0.014
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2007-0002

Malware in sbrugna...

CVSS 7.5 | AI score 6 | EPSS 0.02187
Exploits: 0 | References: 20

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2014-0065

Malware in sbrugna...

CVSS 5 | AI score 6.3 | EPSS 0.014
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 8 views

EUVD-2014-0048

Malware in sbrugna...

CVSS 5 | AI score 6 | EPSS 0.02589
Exploits: 0 | References: 14

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2014-0079

Malware in sbrugna...

CVSS 5.5 | AI score 6.3 | EPSS 0.01255
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2014-0066

Malware in sbrugna...

CVSS 5 | AI score 6.3 | EPSS 0.01604
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-0142

Malware in sbrugna...

CVSS 8.8 | AI score 8.5 | EPSS 0.01066
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2014-0058

Malware in sbrugna...

CVSS 5 | AI score 6 | EPSS 0.02641
Exploits: 0 | References: 16

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-0085

Malware in sbrugna...

CVSS 5.9 | AI score 6 | EPSS 0.02004
Exploits: 0 | References: 10

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-0140

Malware in sbrugna...

CVSS 8.8 | AI score 8.5 | EPSS 0.01066
Exploits: 0 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2017-0098

Malware in sbrugna...

CVSS 4.3 | AI score 4.7 | EPSS 0.01321
Exploits: 0 | References: 9

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2014-0070

Malware in sbrugna...

CVSS 4.3 | AI score 6.3 | EPSS 0.01347
Exploits: 0 | References: 8