Latest Vulnerabilities Affecting Plone products

Date	CVE	Title	CVSS
2018-01-03	CVE-2017-1000484	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Plone	Medium
2018-01-03	CVE-2017-1000481	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Plone	Medium
2018-01-03	CVE-2017-1000482	Cross-Site Scripting (XSS) vulnerability in Plone 5.0.9/5.1	Low
2018-01-03	CVE-2017-1000483	Permissions, Privileges, and Access Control vulnerability in Plone	Medium
2017-09-25	CVE-2015-7293	Cross-Site Request Forgery (CSRF) vulnerability in Plone and Zope products	Medium
2017-09-25	CVE-2015-7316	Cross-Site Scripting (XSS) vulnerability in Plone	Medium
2017-09-25	CVE-2015-7317	Permissions, Privileges, and Access Control vulnerability in Kupu Project and Plone products	Medium
2017-09-25	CVE-2015-7315	Improper Access Control vulnerability in Plone	Medium
2017-09-25	CVE-2015-7318	Input Validation vulnerability in Plone	Medium
2017-03-23	CVE-2017-5524	Permissions, Privileges, and Access Control vulnerability in Plone	Medium
2017-03-07	CVE-2016-7136	Cross-Site Scripting (XSS) vulnerability in Plone	Medium
2017-03-07	CVE-2016-7138	Cross-Site Scripting (XSS) vulnerability in Plone	Medium
2017-03-07	CVE-2016-7139	Cross-Site Scripting (XSS) vulnerability in Plone	Medium
2017-03-07	CVE-2016-7135	Path Traversal vulnerability in Plone	Medium
2017-03-07	CVE-2016-7137	URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Plone	Medium

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.