CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

Github Security Blog•added 2022/05/24 5:7 p.m.•20 views

Plone cross site scripting (XSS)

An XSS issue in the title field in Plone 5.0 through 5.2.1 allows users with a certain privilege level to insert JavaScript that will be executed when other users access the site...

5.4CVSS6.2AI score0.00423EPSS

Exploits0References7Affected Software1

NVD•added 2020/01/23 9:15 p.m.•8 views

CVE-2020-7937

An XSS issue in the title field in Plone 5.0 through 5.2.1 allows users with a certain privilege level to insert JavaScript that will be executed when other users access the site...

5.4CVSS5.3AI score0.00423EPSS

Exploits0References4

OSV•added 2020/01/23 9:15 p.m.•11 views

CVE-2020-7938

plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level...

8.8CVSS8.8AI score

Exploits0References4

Prion•added 2020/01/23 9:15 p.m.•9 views

Design/Logic Flaw

plone.restapi in Plone 5.2.0 through 5.2.1 allows users with a certain privilege level to escalate their privileges up to the highest level...

6.5CVSS8.8AI score0.00596EPSS

Exploits0References4Affected Software1

OSV•added 2020/01/23 9:15 p.m.•23 views

PYSEC-2020-90

A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT overwrite some content without needing write permission...

9.8CVSS4.5AI score0.00619EPSS

Exploits0References4