(0Day) Zope CMFCore Uncontrolled Resource Consumption Denial-of-Service Vulnerability

This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Zope Application Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the contentFilter class. The issue results from...

PYSEC-2021-79

Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS...