Vulnerabilities > Plone > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-25 | CVE-2024-23055 | Unspecified vulnerability in Plone Docker Official Image 5.2.13. An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers. | 6.1 |
2023-09-21 | CVE-2023-41048 | Cross-site Scripting vulnerability in Plone Namedfile 6.2.0. plone.namedfile allows users to handle `File` and `Image` fields targeting, but not depending on, Plone Dexterity content. | 5.4 |
2022-03-14 | CVE-2022-24740 | Improper Authentication vulnerability in Plone Volto 14.0.0/15.0.0. Volto is a ReactJS-based frontend for the Plone Content Management System. | 6.0 |
2022-01-28 | CVE-2022-23599 | Open Redirect vulnerability in Plone. Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. | 6.1 |
2021-08-02 | CVE-2021-32806 | Open Redirect vulnerability in Plone Isurlinportal 1.0.0/1.1.0/1.1.1. Products.isurlinportal is a replacement for isURLInPortal method in Plone. | 5.8 |
2021-05-21 | CVE-2021-33507 | Cross-site Scripting vulnerability in multiple products. Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS. | 4.3 |
2021-05-21 | CVE-2021-33510 | Server-Side Request Forgery (SSRF) vulnerability in Plone. Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file. | 4.0 |
2021-05-21 | CVE-2021-33511 | Server-Side Request Forgery (SSRF) vulnerability in Plone. Plone through 5.2.4 allows SSRF via the lxml parser. | 5.0 |
2021-05-21 | CVE-2021-32633 | Path Traversal vulnerability in multiple products. Zope is an open-source web application server. | 6.5 |
2021-03-08 | CVE-2021-21336 | Information Exposure vulnerability in multiple products. Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. | 4.0 |