EUVD-2021-0195

Malware in sbrugna...

CVE-2021-33513

Plone through 5.2.4 allows XSS via the inlinediff methods in Products.CMFDiffTool...

Cross-site scripting in Plone

Plone through 5.2.4 allows XSS via the inlinediff methods in Products.CMFDiffTool...

GHSA-FJ67-W3M4-RFMP Cross-site scripting in Plone

Plone through 5.2.4 allows XSS via the inlinediff methods in Products.CMFDiffTool...

Plone cross-site scripting vulnerability (CNVD-2021-37275)

Plone is the industry's leading open source CMS system for content management, document management and knowledge management. A cross-site scripting vulnerability exists in Plone 5.2.4 and earlier versions. The vulnerability can be exploited to conduct cross-site scripting attacks via the inlinedi...

CVE-2021-33513

Plone through 5.2.4 allows XSS via the inlinediff methods in Products.CMFDiffTool...

Design/Logic Flaw

Plone through 5.2.4 allows XSS via the inlinediff methods in Products.CMFDiffTool...

CVE-2021-33513

Plone through 5.2.4 allows XSS via the inlinediff methods in Products.CMFDiffTool...

CVE-2021-33513

CVE-2021-33513 affects Plone up to version 5.2.4, where cross-site scripting is possible via the inline_diff methods in Products.CMFDiffTool. The root cause is an XSS flaw in CMFDiffTool’s inline_diff implementation. Public references indicate a specific security fix was released as a Plone hotfi...