from 0, < 4.2.3
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
from 0, < 4.2.3
CRITICAL 9.9 Plone Sandbox Bypass
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
CRITICAL 9.9 Incorrect Permission Assignment for Critical Resource in Plone
from 0, < 5.2.5
CRITICAL 9.9 Incorrect Permission Assignment for Critical Resource in Plone
from 0, < 5.2.5
CRITICAL 9.8 Plone Unauthenticated Write Vulnerability
>= 4.3, < 5.2.2
CRITICAL 9.8 Plone Unauthenticated Write Vulnerability
>= 4.3, <= 5.2.1
CRITICAL 9.8 Plone python code injection
from 0, < 4.2.3
CRITICAL 9.8 Plone python code injection
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
CRITICAL 9.8 Plone Code Injection vulnerability
from 0, < 4.2.3
CRITICAL 9.8 Plone Code Injection vulnerability
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
CRITICAL 9.8 zope-cmfplone - arbitrary code
>= 2.5, < 2.5.5
CRITICAL 9.8 zope-cmfplone - arbitrary code
>= 2.5, < 2.5.5
CRITICAL 9.1 Plone Privilege Escalation Vulnerability
>= 2.5, < 4.0.4
CRITICAL 9.1 Plone Privilege Escalation Vulnerability
from 0, < 4.0.1
CRITICAL 9.1 Plone allows anonymous users to reset any user's password through the web via Password Reset Tool
>= 2.5, < 2.5.1
CRITICAL 9.1 Plone allows anonymous users to reset any user's password through the web via Password Reset Tool
>= 2.5, < 2.5.1
CRITICAL 9.1 Plone allows anonymous users to reset any user's password through the web via Password Reset Tool
from 0, <= 2.5, <= 2.5.1_rc
HIGH 8.8 Server-Side Request Forgery in Plone CMS
>= 4.3, < 5.2.5
HIGH 8.8 Server-Side Request Forgery in Plone CMS
>= 4.3, < 5.2.5
HIGH 8.8 Plone SQL Injection Vulnerability
>= 4.0, <= 5.2.1
HIGH 8.8 Plone SQL Injection Vulnerability
>= 4.0, < 5.2.2
HIGH 8.8 Plone Privilege Escalation
>= 5.2.0, < 5.2.2
HIGH 8.8 Plone Privilege Escalation
>= 5.2.0, < 5.2.2
HIGH 8.8 Plone vulnerable to cross-site request forgery
from 0, < 5.0a1
HIGH 8.8 Plone vulnerable to cross-site request forgery
from 0, < 5.0a1
HIGH 8.8 Improper Restriction of XML External Entity Reference in Plone
from 0, < 5.2.3
HIGH 8.8 Improper Restriction of XML External Entity Reference in Plone
from 0, < 5.2.3
HIGH 8.8 SSRF attacks via tracebacks in Plone
from 0, < 5.2.3
HIGH 8.8 SSRF attacks via tracebacks in Plone
from 0, < 5.2.3
HIGH 8.8 Improper Restriction of XML External Entity Reference in Plone
from 0, < 5.2.3
HIGH 8.8 Improper Restriction of XML External Entity Reference in Plone
from 0, < 5.2.3
HIGH 8.1 Plone Improper Access Control Vulnerability
>= 2.1, < 4.1.1
HIGH 8.1 Plone Improper Access Control Vulnerability
>= 2.1, < 4.1.1, >= 4.2, < 4.2.6, >= 4.3, < 4.3.2
HIGH 7.5 Plone allows weak passwords
>= 4.3, < 5.2.1
HIGH 7.5 Plone allows weak passwords
>= 4.3, < 4.3.20
HIGH 7.5 Plone Arbitrary File Read
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.5 Plone Arbitrary File Read
from 0, < 4.2.3
HIGH 7.5 Plone DoS via Crafted URL
from 0, < 4.0
HIGH 7.5 Plone DoS via Crafted URL
from 0, < 3.3.6
HIGH 7.5 Plone Information Disclosure
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.5 Plone Information Disclosure
from 0, < 4.2.3
HIGH 7.5 Plone denial of service via RSS Feed Request
from 0, < 4.2.3
HIGH 7.5 Plone denial of service via RSS Feed Request
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.5 Plone is vulnerable to denial of service
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.5 Plone is vulnerable to denial of service
>= 4.0, < 4.2.3
HIGH 7.5 Plone denial of service via Caching Bypass
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.5 Plone denial of service via Caching Bypass
from 0, < 4.2.3
HIGH 7.5 Plone Header Injection
>= 3.3, < 4.0a1
HIGH 7.5 Plone Header Injection
>= 3.3, < 4.0a1
HIGH 7.5 Plone Open Redirection vulnerability via next parameter
>= 2.1, < 4.1.1, >= 4.2, < 4.2.6, >= 4.3, < 4.3.2
HIGH 7.5 Plone Open Redirection vulnerability via next parameter
>= 2.1, < 4.1.1
HIGH 7.5 Plone Cross-site request forgery (CSRF)
>= 3.0.5, <= 3.0.6
HIGH 7.5 Plone Cross-site request forgery (CSRF)
from 0, < 3.1
HIGH 7.5 Plone Cross-site request forgery (CSRF)
from 0, < 3.1
HIGH 7.5 Server-Side Request Forgery in Plone
from 0, <= 5.2.4
HIGH 7.5 Server-Side Request Forgery in Plone
from 0, < 5.2.5
HIGH 7.5 Plone allows remote attackers to read hidden folder contents
from 0, < 4.2.3
HIGH 7.5 Plone allows remote attackers to read hidden folder contents
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.5 HTTP header injection in Plone and Zope2
>= 3.3.2, < 4.2.3
HIGH 7.5 HTTP header injection in Plone and Zope2
from 0, < 4.2.3
HIGH 7.5 Plone and Zope2 do not reseed pseudo-random number generator
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.5 Plone and Zope2 do not reseed pseudo-random number generator
>= 3.2.2, < 4.2.3
HIGH 7.5 Plone and Zope2 affected by Race Condition
>= 3.2.2, < 4.2.3
HIGH 7.5 Plone and Zope2 affected by Race Condition
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.5 Plone Denial of Service vulnerability
from 0, < 4.1.4
HIGH 7.5 Plone Denial of Service vulnerability
from 0, < 4.1.4
HIGH 7.3 Plone vulnerable to privilege escalation in WebDAV
>= 4.0, < 5.1a2
HIGH 7.3 Plone vulnerable to privilege escalation in WebDAV
>= 3.3, < 4.3.10
HIGH 7.2 Plone Code Injection vulnerability
from 0, < 4.2.3
HIGH 7.2 Plone Code Injection vulnerability
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
HIGH 7.1 Cross-Frame Scripting vulnerability has been found on Plone CMS
from 0, < 6.0.7
MEDIUM 6.5 Plone is vulnerable to email spoofing
>= 2.1, < 4.1.1, >= 4.2, < 4.2.6, >= 4.3, < 4.3.2
MEDIUM 6.5 Plone is vulnerable to email spoofing
>= 2.1, < 4.1.1
MEDIUM 6.5 Plone Unauthorized Access Vulnerability
>= 2.5, < 4.3.16, >= 5, < 5.1.0
MEDIUM 6.5 Plone Unauthorized Access Vulnerability
>= 2.5, < 4.3.16
MEDIUM 6.5 Plone and plone.app.users allow remote authenticated users to modify the properties of arbitrary accounts
>= 4.0.1, < 4.0.6
MEDIUM 6.5 Plone and plone.app.users allow remote authenticated users to modify the properties of arbitrary accounts
from 0, < 4.1.1
MEDIUM 6.5 Plone and Zope2 vulnerable to unauthorized access to restricted attributes
>= 3.2.2, < 4.2.3
MEDIUM 6.5 Plone and Zope2 vulnerable to unauthorized access to restricted attributes
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
MEDIUM 6.1 Plone has stored XSS in folder contents
>= 5.0, <= 5.2.4
MEDIUM 6.1 Plone has stored XSS in folder contents
>= 5.0, < 5.2.5
MEDIUM 6.1 Plone XSS in User Fullname Property and File Upload
from 0, < 5.2.4
MEDIUM 6.1 Plone XSS in User Fullname Property and File Upload
from 0, < 5.2.4
MEDIUM 6.1 Plone Open Redirect Vulnerability
>= 4.0, < 5.2.2
MEDIUM 6.1 Plone Open Redirect Vulnerability
>= 4.0, < 4.3.20
MEDIUM 6.1 Plone Cross-site Scripting vulnerability in PortalTransforms
>= 2.1, < 3.3.6
MEDIUM 6.1 Plone Cross-site Scripting vulnerability in PortalTransforms
from 0, < 3.3.5
MEDIUM 6.1 Plone Cross-site scripting Vulnerability
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
MEDIUM 6.1 Plone Cross-site scripting Vulnerability
from 0, < 4.2.3
MEDIUM 6.1 Plone Cross-site scripting Vulnerability
from 0, < 4.2.3
MEDIUM 6.1 Plone Cross-site scripting Vulnerability
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
MEDIUM 6.1 Plone Cross-site scripting Vulnerability
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
MEDIUM 6.1 Plone Cross-site scripting Vulnerability
from 0, < 4.2.3, >= 4.3a0, < 4.3b1
MEDIUM 6.1 Plone Cross-site scripting Vulnerability
from 0, < 4.2.3
MEDIUM 6.1 Plone Cross-site scripting Vulnerability
from 0, < 4.2.3
MEDIUM 6.1 Plone XSS in Zope ZMI
>= 4.0, < 4.3.12
MEDIUM 6.1 Plone XSS in Zope ZMI
from 0, < 4.3.12, >= 5.0, < 5.0.7
MEDIUM 6.1 Plone Cross-site Scripting Vulnerability
from 0, < 3da710a2cd68587f0bf34f2e7ea1167d6eeee087 | >= 3.3, < 4.0a1, >= 4.0, < 4.1a1, >= 4.1, < 4.2a1, >= 4.2, < 4.3a1, >= 4.3, < 4.3.7, >= 5.0a1, < 5.0rc2