Vulnerabilities > Zope > Zope > 2.13.18
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-21 | CVE-2023-42458 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Zope Zope is an open-source web application server. | 5.4 |
| 2023-09-06 | CVE-2023-41050 | Information Exposure vulnerability in Zope Accesscontrol AccessControl provides a general security framework for use in Zope. | 7.7 |
| 2021-06-08 | CVE-2021-32674 | Path Traversal vulnerability in Zope Zope is an open-source web application server. | 6.5 |
| 2021-05-21 | CVE-2021-32633 | Path Traversal vulnerability in multiple products Zope is an open-source web application server. | 6.5 |
| 2014-09-30 | CVE-2012-5507 | Race Condition vulnerability in multiple products AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation. | 4.3 |