Lucene search
+L

5 matches found

circl
circl
added 2026/07/07 9:7 p.m.9 views

CVE-2020-28735

creationtimestamp| type| source ---|---|--- 2026-07-07 21:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq3j4zaqre2f...

8.8CVSS7.2AI score0.01066EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 3:56 p.m.5 views

CVE-2020-28735

Plone before 5.2.3 allows SSRF attacks via the tracebacks feature only available to the Manager role...

8.8CVSS6.8AI score0.01066EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/04/07 9:13 p.m.5 views

plone-app-portlets (>=5.0.0a3 <=5.0.0a4) potentially affected by CVE-2020-28735 via plone-app-event (=3.2.1)

plone-app-event PYPI version =3.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on plone-app-event and may be impacted: - plone-app-portlets =5.0.0a3, =5.0.0a4 Source cves: CVE-2020-28735 Source advisory: OSV:GHSA-X7WF-5MJC-6X76...

8.8CVSS7.2AI score0.01066EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/04/07 9:13 p.m.6 views

plone-app-z3cform (>=4.0.0a1 <=4.0.0a10) potentially affected by CVE-2020-28735 via plone-app-dexterity (=2.5.2)

plone-app-dexterity PYPI version =2.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on plone-app-dexterity and may be impacted: - plone-app-z3cform =4.0.0a1, =4.0.0a10 Source cves: CVE-2020-28735 Source advisory: OSV:GHSA-X7WF-5MJC-6X76...

8.8CVSS7.2AI score0.01066EPSS
Exploits0
cve
cve
added 2020/12/30 6:38 p.m.93 views

CVE-2020-28735

CVE-2020-28735 affects Plone versions before 5.2.3, where the tracebacks feature (accessible to the Manager role) enables SSRF attacks. The issue is described across multiple sources as a vulnerability in Plone prior to 5.2.3 that allows server-side request forgery via tracebacks. Remediation is ...

8.8CVSS8.5AI score0.01066EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder