4 matches found
Plone 代码问题漏洞
Plone is the Plone Foundation's open source content management system running on the Zope application server. A server-side request forgery vulnerability exists in Plone 5.2.4 and earlier versions. An attacker can exploit this vulnerability to initiate a server-side request using the lxml parser...
plone-app-z3cform (>=4.0.0a1 <=4.0.0a10) potentially affected by CVE-2020-28736 via plone-app-dexterity (=2.5.2)
plone-app-dexterity PYPI version =2.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on plone-app-dexterity and may be impacted: - plone-app-z3cform =4.0.0a1, =4.0.0a10 Source cves: CVE-2020-28736 Source advisory: OSV:GHSA-2C8C-84W2-J38J...
plone-app-z3cform (>=4.0.0a1 <=4.0.0a10) potentially affected by CVE-2020-28735 via plone-app-dexterity (=2.5.2)
plone-app-dexterity PYPI version =2.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on plone-app-dexterity and may be impacted: - plone-app-z3cform =4.0.0a1, =4.0.0a10 Source cves: CVE-2020-28735 Source advisory: OSV:GHSA-X7WF-5MJC-6X76...
plone-app-z3cform (>=4.0.0a1 <=4.0.0a10) potentially affected by CVE-2020-28734 via plone-app-dexterity (=2.5.2)
plone-app-dexterity PYPI version =2.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on plone-app-dexterity and may be impacted: - plone-app-z3cform =4.0.0a1, =4.0.0a10 Source cves: CVE-2020-28734 Source advisory: OSV:GHSA-WQ6X-G685-W5F2...