Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

plone

pypi

The Plone Content Management System

View on github.com · View on pypi.org

Security Advisories for plone in pypi

Moderate
over 1 year ago

Phone information disclosure vulnerability GSA_kwCzR0hTQS14ZzVwLTh3ZzUtcmh4bc4AA5yI

pypi Plone
High
almost 2 years ago

Cross-Frame Scripting vulnerability has been found on Plone CMS GSA_kwCzR0hTQS01eGZ4LTU1eDQtajIyM84AA4jV

pypi Plone
High
over 2 years ago

Server-Side Request Forgery in Plone CMS GSA_kwCzR0hTQS00N3A1LXAzanctdzc4d84AAxtz

pypi Plone
Moderate
over 3 years ago

Plone XSS Vulnerability GSA_kwCzR0hTQS0zOGc2LXg2anYtandmZs4AArAc

pypi plone
Moderate
over 3 years ago

Plone has stored XSS in folder contents GSA_kwCzR0hTQS1xZmh3LWZ2M2ctdjgzNs4AApAM

pypi plone
Moderate
over 3 years ago

Plone XSS in User Fullname Property and File Upload GSA_kwCzR0hTQS1ocHJyLTR2ZnEtZmN4d84AAoi2

pypi plone
Critical
over 3 years ago

Plone Unauthenticated Write Vulnerability GSA_kwCzR0hTQS13Nmc5LXhjY2MtMzQ3aM4AAjY7

pypi plone.app.contenttypes, Plone
High
over 3 years ago

Plone Privilege Escallation GSA_kwCzR0hTQS1jamczLXEyNGgtOXF3Zs4AAjY0

pypi Plone
Moderate
over 3 years ago

Plone cross site scripting (XSS) GSA_kwCzR0hTQS04bWM0LTJ4cmMtZzU4Ms4AAjY8

pypi Plone
High
over 3 years ago

Plone SQL Injection Vulnerability GSA_kwCzR0hTQS1oaG1mLTdyZ2ctZ2N3Nc4AAjY6

pypi Plone
Moderate
over 3 years ago

Plone Open Redirect Vulnerability GSA_kwCzR0hTQS04Mmo5LXdmY2YtOXYyaM4AAjYw

pypi Plone
High
over 3 years ago

Plone allows weak passwords GSA_kwCzR0hTQS1jdzU4LWdwZ3ctaHd4Ms4AAjYs

pypi Plone
Moderate
over 3 years ago

Plone Cross-site Scripting vulnerability in PortalTransforms GSA_kwCzR0hTQS1xajd4LXdtOXEtcWp4OM4AAgL1

pypi Plone
Moderate
over 3 years ago

Plone XSS Vulnerability GSA_kwCzR0hTQS1jdndjLWc3ZnctN3hyas4AAf8c

pypi plone
High
over 3 years ago

Plone anonymous access to sub-objects in CMFEditions where KwAsAttributes classes were publishable GSA_kwCzR0hTQS1wd2dtLWp2cXYtNnY4cM4AAf3k

pypi Plone
Moderate
over 3 years ago

Plone Privilege escalation due improper authorization GSA_kwCzR0hTQS1wd3BxLTYzMmctaDQ5Z84AAesV

pypi Plone
Moderate
over 3 years ago

Plone Authenticated Denial of Service vulnerability GSA_kwCzR0hTQS13M3B3LXF4amotNnBycs4AAesc

pypi plone
Low
over 3 years ago

Plone Denial of Service vulnerability via decompressing large zip archives GSA_kwCzR0hTQS14ZmpxLTlyeHEtcGg2bc4AAesN

pypi plone
High
over 3 years ago

Plone is vulnerable to email spoofing GSA_kwCzR0hTQS1mNWg5LTNocGYtOWo4bc4AAesP

pypi plone
Moderate
over 3 years ago

Plone is vulnerable to information exposure via the object manager implementation GSA_kwCzR0hTQS1xcGhoLTVmdjUtMm1qas4AAesO

pypi plone
Moderate
over 3 years ago

Plone is vulnerable to File System Path Exposure GSA_kwCzR0hTQS1tbTMyLWp3NzMtOTIyN84AAesM

pypi plone
Moderate
over 3 years ago

Plone's authenticated users able to alter their password despite of policy definition GSA_kwCzR0hTQS1xanhmLTZwcjgtajg3ds4AAesJ

pypi Plone
Moderate
over 3 years ago

Plone vulnerable to cross-site scripting GSA_kwCzR0hTQS04OXJxLTI3eHAtdmd2N84AAesK

pypi plone
Moderate
over 3 years ago

Plone is vulnerable to Information Exposure when generating zip archives GSA_kwCzR0hTQS1ncnd4LTRwNXYtOWcyZ84AAesQ

pypi plone
Low
over 3 years ago

Plone Multiple open redirect vulnerabilities GSA_kwCzR0hTQS1qNjdqLThocnAtNzZ4bc4AAesL

pypi plone
High
over 3 years ago

Plone Improper Access Control Vulnerability GSA_kwCzR0hTQS1qanZ3LTNoOWotcDdqZs4AAesI

pypi plone
High
over 3 years ago

Plone Unrestricted Filed Manipulation vulnerability via content edit forms GSA_kwCzR0hTQS02ZmdmLXg3d2ctaHA4cs4AAesG

pypi plone
Moderate
over 3 years ago

Plone Privilege escalation through exposed underlying API GSA_kwCzR0hTQS00dnI4LXI3cXItZnB2cc4AAeeZ

pypi Plone
Moderate
over 3 years ago

Plone Information Disclosure GSA_kwCzR0hTQS1mOHBnLXdwNWotcmp4eM4AAeQ5

pypi Plone
Moderate
over 3 years ago

Plone Sandbox Bypass GSA_kwCzR0hTQS05bTRnLWY0MnEtdnJyaM4AAeQ-

pypi Plone
Moderate
over 3 years ago

Plone Cross-site scripting Vulnerability GSA_kwCzR0hTQS1ocjU5LTM1Y3ItcWY0M84AAeQ8

pypi Plone
Moderate
over 3 years ago

Plone Metadata Disclosure GSA_kwCzR0hTQS02dzkzLTRjNHAteHYyeM4AAeRF

pypi Plone
Moderate
over 3 years ago

Plone Cross-site scripting Vulnerability GSA_kwCzR0hTQS01d2h3LTVjbW0tOWp3NM4AAeQz

pypi Plone
Moderate
over 3 years ago

Plone Sandbox Bypass GSA_kwCzR0hTQS0yNWpoLTVoNXItaDMzbc4AAeQy

pypi Plone
Moderate
over 3 years ago

Plone Cross-site scripting Vulnerability GSA_kwCzR0hTQS0zZzZ3LTRtN3gtOTd2Ns4AAeQ6

pypi Plone
High
over 3 years ago

Plone Arbitrary File Read GSA_kwCzR0hTQS1wdmh2LXF3YzgtcjJwZ84AAeQx

pypi Plone
Moderate
over 3 years ago

Plone Cross-site scripting Vulnerability GSA_kwCzR0hTQS1xNDZnLXY3cjQtOXZocs4AAeQ7

pypi Plone
High
over 3 years ago

Plone DoS via Crafted URL GSA_kwCzR0hTQS1neDZ3LWhjdzMtNXIzN84AAeQm

pypi plone
High
over 3 years ago

Plone Information Disclosure GSA_kwCzR0hTQS1jcTVnLTkyNG0tN2Z4aM4AAeQn

pypi Plone
High
over 3 years ago

Plone denial of service via RSS Feed Request GSA_kwCzR0hTQS03OWhqLTQ3NGgtdjR4ds4AAeQj

pypi plone
Critical
over 3 years ago

Plone python code injection GSA_kwCzR0hTQS13NnB3LTVnaDUtNDk1Ms4AAeQY

pypi plone
High
over 3 years ago

Plone Code Injection vulnerability GSA_kwCzR0hTQS03aHhjLW13eDctNWhtY84AAePM

pypi Plone
High
over 3 years ago

Plone Code Injection vulnerability GSA_kwCzR0hTQS1jeHc3LTg1eG0tM3hyY84AAePN

pypi Plone
High
over 3 years ago

Plone is vulnerable to denial of service GSA_kwCzR0hTQS13cmYyLTJyY2gtY21yOc4AAePJ

pypi Plone
Moderate
over 3 years ago

Plone User account enumeration via crafted URL GSA_kwCzR0hTQS02ODN3LTg0bTctcDhwd84AAePK

pypi plone
Moderate
over 3 years ago

Plone contains Cross-site Request Forgery GSA_kwCzR0hTQS0ycTc1LWY3Y3Atdzg2cc4AAeNT

pypi plone
Moderate
over 3 years ago

Exposure of Sensitive Information in Plone GSA_kwCzR0hTQS13cHJyLW1jNTQtYzYycc4AAeNO

pypi Plone
High
over 3 years ago

Plone denial of service via Caching Bypass GSA_kwCzR0hTQS05N3JqLXA3OTQtd3E2bc4AAdgt

pypi Plone
Moderate
over 3 years ago

Plone XSS in Zope ZMI GSA_kwCzR0hTQS04NGptLWNwYzUtYzdnN84AAb_b

pypi plone
Moderate
over 3 years ago

Plone vulnerable to unauthorized disclosure of site content GSA_kwCzR0hTQS12NHZqLTQ5bTUtd2pod84AAb6c

pypi Plone
Moderate
over 3 years ago

Plone vulnerable to privilege escalation in WebDAV GSA_kwCzR0hTQS1xcWdqLTIyZ3ItNzN2eM4AAb6z

pypi Plone
Moderate
over 3 years ago

Chameleon in Plone allows Authentication Bypass GSA_kwCzR0hTQS02aDh4LTczZngtcTJoOc4AAb6U

pypi Plone
Critical
over 3 years ago

Plone Privilege Escalation Vulnerability GSA_kwCzR0hTQS0zdjI4LTlqanAtNGc1d84AAahz

pypi Plone
Moderate
over 3 years ago

Plone Cross-site Scripting Vulnerability GSA_kwCzR0hTQS12ZjhnLW0zdnEtNnA0cM4AAYdi

pypi Plone
High
over 3 years ago

Plone unauthorized member addition vulnerability GSA_kwCzR0hTQS05ODRtLXJqMjgtOGM2eM4AAYda

pypi Plone
High
over 3 years ago

Plone Header Injection GSA_kwCzR0hTQS1mcTlyLThqcG0tMjIyMs4AAYdL

pypi Plone
High
over 3 years ago

Plone vulnerable to cross-site request forgery GSA_kwCzR0hTQS1wM3FtLTQ0Y2YtZjhxeM4AAYcH

pypi Plone
Moderate
over 3 years ago

Products.CMFPlone XSS in profile home_page property GSA_kwCzR0hTQS04NTlqLTY2OHYtbXJyNs4AAXif

pypi Plone
Moderate
over 3 years ago

Products.CMFPlone Open Redirect Vulnerability GSA_kwCzR0hTQS04ZzcyLWdxNjgtNmdxaM4AAXhU

pypi Plone
High
over 3 years ago

Plone Open Redirection vulnerability via next parameter GSA_kwCzR0hTQS01NnAzLXJycDQtMmo4Ms4AAWK2

pypi Plone
Moderate
over 3 years ago

Plone vulnerable to filesystem information leak GSA_kwCzR0hTQS1tN2Y5LTY1d3ItcHdjaM4AAV9u

pypi Plone
Moderate
over 3 years ago

Plone Open Redirect Vulnerability GSA_kwCzR0hTQS02OXZoLTY2Mmotdjk4OM4AAV-F

pypi plone
Moderate
over 3 years ago

Plone XSS GSA_kwCzR0hTQS0yMmptLXAydnYtajJoY84AAV-I

pypi plone
Moderate
over 3 years ago

Plone XSS GSA_kwCzR0hTQS12M2hwLWY4cXItY2YzcM4AAV9r

pypi plone
Moderate
over 3 years ago

Plone Cross-site Scripting (XSS) vulnerability GSA_kwCzR0hTQS1wcDRjLTI2OTItN2YzN84AAV9s

pypi Plone
Moderate
over 3 years ago

Plone vulnerable to Cross-site Scripting GSA_kwCzR0hTQS1jaHZ3LWdqeGYtZjhtY84AAV9q

pypi Plone
High
over 3 years ago

Plone Unauthorized Access Vulnerability GSA_kwCzR0hTQS1xYzU3LWgyZjctcDRoeM4AAR2e

pypi Plone
Moderate
over 3 years ago

Plone Zope cross-site scripting (XSS) vulnerability GSA_kwCzR0hTQS00NzkzLXc0NHctbTd4bc3grw

pypi plone
Moderate
over 3 years ago

Plone Cross-site Scripting vulnerability in the LiveSearch module GSA_kwCzR0hTQS00NmY5LWY4am0tbXcyeM2_OQ

pypi Plone
Moderate
over 3 years ago

Plone credentials stored in session cookie GSA_kwCzR0hTQS1oanA1LWh2MzMtcTU4Z82zkw

pypi plone
High
over 3 years ago

Plone Improper Session Management GSA_kwCzR0hTQS01OTNjLWozNDgtZjNnds2ziw

pypi Plone
High
over 3 years ago

Plone CMS Improper Session Management GSA_kwCzR0hTQS1tcTNxLWpqcGgtcnA1cM2zhA

pypi Plone
High
over 3 years ago

Plone Cross-site request forgery (CSRF) GSA_kwCzR0hTQS00ajN3LWc2MngtaHJjcM2vAg

pypi Plone
Critical
over 3 years ago

Plone Arbitrary Code Execution via Unsafe Handling of Pickles GSA_kwCzR0hTQS1oZjI2LXZ2bXgteDhjOM2qvQ

pypi plone
High
over 3 years ago

Plone allows anonymous users to reset any users password through the web via Password Reset Tool GSA_kwCzR0hTQS01aGNoLXY1cHEteDRxcM2KqQ

pypi Plone
Moderate
over 3 years ago

Plone allows a user to masquerade as a group GSA_kwCzR0hTQS1yN2o0LTgyeHctOG05cM2Kqg

pypi Plone
Moderate
over 3 years ago

Plone allows remote users to modify arbitrary portraits GSA_kwCzR0hTQS1qY3doLXJqNmotdm03Nc2Bfg

pypi plone
Moderate
over 4 years ago

Cross-site scripting in Products.CMFCore, Products.PluggableAuthService, Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM1cmctNDY2dy03N2gz

pypi Plone, Products.PluggableAuthService, Products.CMFCore
High
over 4 years ago

Server-Side Request Forgery in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdjOWctNjdjcS1wN3Y0

pypi Plone
Moderate
over 4 years ago

Server-Side Request Forgery in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtZzQtd3ZteC01MzMy

pypi Plone
Critical
over 4 years ago

Incorrect Permission Assignment for Critical Resource in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtMnAtZmh3eC05Mjg1

pypi Plone
Moderate
over 4 years ago

Cross-site scripting in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJtcHYtcmNwNi12OHdj

pypi Plone
Moderate
over 4 years ago

Cross-site scripting in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtMmgtZjQ1Ni02ajg4

pypi Plone
Moderate
over 4 years ago

Cross-site scripting in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZqNjctdzNtNC1yZm1w

pypi Plone
High
over 4 years ago

Improper Restriction of XML External Entity Reference in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJjOGMtODR3Mi1qMzhq

pypi plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
High
over 4 years ago

SSRF attacks via tracebacks in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg3d2YtNW1qYy02eDc2

pypi plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
High
over 4 years ago

Improper Restriction of XML External Entity Reference in Plone MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdxNngtZzY4NS13NWYy

pypi plone.supermodel, plone.app.dexterity, plone.app.theming, plone.app.event, Plone
Moderate
almost 7 years ago

Plone Open Redirect MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXh2d3YtNnd2eC1weDl4

pypi Plone
Moderate
over 7 years ago

Plone Cross-site Scripting vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2aHEtYzg5Ni13ODgy

pypi Plone
High
over 7 years ago

Plone and plone.app.users allow remote authenticated users to modify the properties of arbitrary accounts MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJxeDgtNTg5ai1nY3B4

pypi Plone
High
over 7 years ago

Plone allows remote attackers to read hidden folder contents MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBycjUtcGZyOC1xOWYz

pypi Plone
High
over 7 years ago

Plone and Zope2 vulnerable to unauthorized access to restricted attributes MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg3OXItN2Yzdy04amoz

pypi Plone
High
over 7 years ago

High severity vulnerability that affects Plone and Zope2 MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA2aDktaHBjZy1jNmdt

pypi Zope2, Plone
High
over 7 years ago

HTTP header injection in Plone and Zope2 MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3aHYtODc5Ni04Y2Nw

pypi Plone
High
over 7 years ago

Plone and Zope2 do not reseed pseudo-random number generator MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4dnYtMnBtcS05ZnZ2

pypi Plone
High
over 7 years ago

Plone and Zope2 affected by Race Condition MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNxcHItN3JtZy03M3Y4

pypi Plone
High
over 7 years ago

Plone Denial of Service vulnerability MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXBjd20tOGpjMy1xeHZq

pypi Plone
Moderate
over 7 years ago

Plone Sandbox Escape MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXA1d3ItdnA4Zy1xNXA0

pypi Plone

Filter by Severity

Moderate 53 High 38 Critical 5 Low 2