
Security Advisories for plone in pypi
Critical
over 3 years ago
Plone Unauthenticated Write Vulnerability
pypi
plone.app.contenttypes, Plone
High
over 3 years ago
Plone anonymous access to sub-objects in CMFEditions where KwAsAttributes classes were publishable
pypi
Plone
Moderate
over 3 years ago
Plone's authenticated users able to alter their password despite of policy definition
pypi
Plone
Moderate
over 3 years ago
Plone is vulnerable to Information Exposure when generating zip archives
pypi
plone
Moderate
over 3 years ago
Plone is vulnerable to information exposure via the object manager implementation
pypi
plone
Low
over 3 years ago
Plone Denial of Service vulnerability via decompressing large zip archives
pypi
plone
High
over 3 years ago
Plone Unrestricted Filed Manipulation vulnerability via content edit forms
pypi
plone
Moderate
over 3 years ago
Plone Cross-site Scripting vulnerability in the LiveSearch module
pypi
Plone
High
over 3 years ago
Plone allows anonymous users to reset any users password through the web via Password Reset Tool
pypi
Plone
Moderate
over 4 years ago
Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone
pypi
Plone, Products.PluggableAuthService, Products.CMFCore
High
over 4 years ago
Improper Restriction of XML External Entity Reference in Plone
pypi
plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
High
over 4 years ago
SSRF attacks via tracebacks in Plone
pypi
plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
High
over 4 years ago
Improper Restriction of XML External Entity Reference in Plone
pypi
plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
High
about 7 years ago
Plone and plone.app.users allow remote authenticated users to modify the properties of arbitrary accounts
pypi
Plone, plone.app.users
High
about 7 years ago
Plone and Zope2 vulnerable to unauthorized access to restricted attributes
pypi
Plone, Zope2
High
about 7 years ago
Plone and Zope2 do not reseed pseudo-random number generator
pypi
Plone, Zope2