1357 matches found
Plone Docker - Host Header Injection
Plone Docker Official Image 5.2.13 5221 is vulnerable to Host Header Injection due to improper validation of input by the HOST headers. This can lead to Cross-Site Scripting XSS attacks when the malicious Host header value is reflected in the response. id: CVE-2024-23055 info: name: Plone Docker ...
PYSEC-2026-1798 Phone information disclosure vulnerability
Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request...
PYSEC-2026-1797 Cross-Frame Scripting vulnerability has been found on Plone CMS
A Cross-Frame Scripting vulnerability has been found on Plone CMS affecting version below 6.0.5. An attacker could store a malicious URL to be opened by an administrator and execute a malicios iframe element...
PYSEC-2026-735 Improper Restriction of XML External Entity Reference in Plone
Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata therefore, only available to the Manager role...
PYSEC-2026-764 High severity vulnerability that affects Plone and Zope2
Unspecified vulnerability in 1 Zope 2.12.x before 2.12.19 and 2.13.x before 2.13.8, as used in Plone 4.x and other products, and 2 PloneHotfix20110720 for Plone 3.x allows attackers to gain privileges via unspecified vectors, related to a "highly serious vulnerability." NOTE: this vulnerability...
PYSEC-2026-736 Improper Restriction of XML External Entity Reference in Plone
Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role...
PYSEC-2026-737 SSRF attacks via tracebacks in Plone
Plone before 5.2.3 allows SSRF attacks via the tracebacks feature only available to the Manager role...
PT-2026-54521
Name of the Vulnerable Software and Affected Versions Plone versions 7.0.0 through 7.0.1 Plone versions 6.0.0 through 6.0.3 Plone versions 5.0.0 through 5.0.7 Description A critical remote code execution RCE flaw allows TALES injection via the Classic portlet. TALES is a templating language used ...
PYSEC-2026-459 Plone Unauthenticated Write Vulnerability
A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT overwrite some content without needing write permission...
CVE-2026-28413
Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...
CVE-2026-28413
Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...
PYSEC-2026-112
Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...
PYSEC-2026-112
Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...
CVE-2026-28413 Products.isurlinportal: Possible open redirect when using more than 2 forward slashes
Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...
CVE-2026-28413 Products.isurlinportal: Possible open redirect when using more than 2 forward slashes
Products.isurlinportal is a replacement for isURLInPortal method in Plone. Prior to versions 2.1.0, 3.1.0, and 4.0.0, a url /login?camefrom=////evil.example may redirect to an external website after login. This issue has been patched in versions 2.1.0, 3.1.0, and 4.0.0...
isURLInPortal 输入验证错误漏洞
isURLInPortal is a Plone open-source URL security check patch for Plone. Versions prior to 2.1.0, 3.1.0, and 4.0.0 of isURLInPortal had a input validation vulnerability that could lead to redirection to external websites after login...
Plone < 5.2.7 / 6.x < 6.0.0a3 XSS (CVE-2022-23599)
The detected version of Plone, is prior to version 5.2.7, or version 6 prior to 6.0.0a3. It is, therefore, affected by a cross site scripting vulnerability. A remote attacker can exploit this via cache poisoning to redirect a user when clicking links on the compromised page. Note that Nessus has...
Plone <= 6.0.5 Cross-Frame Scripting (CVE-2024-0669)
The detected version of the python package plone version 6.0.5 or prior. It is, therefore, affected by a cross-frame scripting vulnerability. A remote attacker can exploit this via cross-frame scripting to trick a user into opening a invisible i-frame to collect credentials or keystrokes. Note th...
Plone Python Library Multiple Vulnerabilities (20230921)
The detected version of Plone python package, plone, is prior to version 5.2.14 or 6.x prior to 6.0.7. It is, therefore, affected by the following the vulnerabilities: - Multiple stored cross site scripting vulnerabilities exits when handling SVG images. An authenticated, remote attacker can...
Products.isurlinportal has possible open redirect when using more than 2 forward slashes
Impact A url /login?camefrom=////evil.example may redirect to an external website after login. Standard Plone is not affected, but if you have customised the login, for example with add-ons, you might be affected. You can try the url to check if you are affected or not. Patches The problem has be...