Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
๐Ÿ”ฅ Daily Hot!
๐Ÿ’ช๐Ÿฝ CPE Enhanced Advisories
๐Ÿ•ถ Shadow Exploits
๐Ÿ•ต๐Ÿผ Vulners CPE
๐Ÿ” Security news
๐Ÿ’ป Exploit updates
๐Ÿ“‘ Blogs review
๐Ÿง Linux vulnerabilities
๐Ÿž Bugbounty
๐Ÿค– AI High Score
๐Ÿ“ฐ CVE Feed
show all

3 matches found

OSV
OSVโ€ขadded 2022/02/01 12:48 a.m.โ€ข0 views

GHSA-F7QW-5FGJ-247X Cross-site Scripting and Open Redirect in plone.app.contenttypes

Impact Plone is vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the imageviewfullscreen page in a cache, for example in Varnish. The technique is known as cache poisoning. Any later visitor can get redirected when clicking on a link...

4.3CVSS5.4AI score
Exploits0References3
PyPA
PyPAโ€ขadded 2022/01/28 10:15 p.m.โ€ข5 views

PYSEC-2022-21

Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a compromised version of the imageviewfullscre...

6.1CVSS5.9AI score0.00317EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesโ€ขadded 2022/01/28 12:0 a.m.โ€ข3 views

PT-2022-16115 ยท Unknownย +2 ยท Products.Atcontenttypesย +2

Name of the Vulnerable Software and Affected Versions: Plone versions 2.1 through 4.3 Products.ATContentTypes versions prior to 3.0.6 Description: The issue concerns reflected cross site scripting and open redirect vulnerabilities. An attacker can exploit these by getting a compromised version of...

6.1CVSS6AI score0.00317EPSS
Exploits0References13
Rows per page
Query Builder