Vulnerabilities > Zope > Zope > 2.13.10

DATE CVE VULNERABILITY TITLE RISK
2023-09-21 CVE-2023-42458 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Zope
Zope is an open-source web application server.
network
low complexity
zope CWE-80
5.4
5.4
2023-09-06 CVE-2023-41050 Information Exposure vulnerability in Zope Accesscontrol
AccessControl provides a general security framework for use in Zope.
network
low complexity
zope CWE-200
7.7
7.7
2021-06-08 CVE-2021-32674 Path Traversal vulnerability in Zope
Zope is an open-source web application server.
network
low complexity
zope CWE-22
6.5
6.5
2021-05-21 CVE-2021-32633 Path Traversal vulnerability in multiple products
Zope is an open-source web application server.
network
low complexity
plone zope CWE-22
6.5
6.5
2011-10-10 CVE-2011-3587 Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.
network
plone zope
critical
 9.3
9.3