Vulnerabilities > Plone > Plone > 5.2.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-21 | CVE-2021-32633 | Path Traversal vulnerability in multiple products Zope is an open-source web application server. | 6.5 |
2021-05-20 | CVE-2021-3313 | Cross-site Scripting vulnerability in Plone Plone CMS until version 5.2.4 has a stored Cross-Site Scripting (XSS) vulnerability in the user fullname property and the file upload functionality. | 3.5 |
2021-03-24 | CVE-2021-29002 | Cross-site Scripting vulnerability in Plone 5.2.3 A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 exists in site-controlpanel via the "form.widgets.site_title" parameter. | 3.5 |
2021-03-08 | CVE-2021-21336 | Information Exposure vulnerability in multiple products Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. | 4.0 |