Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

CMS

Plone CMS

Plone is a free and open source content management system built on top of the Zope application server.

Official Site:

https://plone.org/

Severity Summary:

Critical: 5 High: 20 Medium: 76 Low: 3
Reference
Title
Severity
CVE-2011-1340
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-4200
Plone CMS Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2011-4462
Plone CMS Improper Input Validation Vulnerability
Medium
CVE-2008-4571
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-4188
Plone CMS Resource Management Errors Vulnerability
Medium
CVE-2013-4190
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2013-4189
Plone CMS Vulnerability
Medium
CVE-2013-4191
Plone CMS Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2013-4192
Plone CMS Improper Input Validation Vulnerability
Medium
CVE-2009-0662
Plone CMS Improper Authentication Vulnerability
Medium
CVE-2006-4247
Plone CMS Other Vulnerability
Medium
CVE-2017-1000483
Plone CMS Vulnerability
Medium
CVE-2020-7936
Plone CMS URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2021-21336
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2022-23599
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-35959
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-3313
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-7937
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-33507
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-33508
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-33510
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability
Medium
CVE-2006-4249
Plone CMS Other Vulnerability
Medium
CVE-2013-7062
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-33512
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-33513
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-29002
Plone CMS Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-1000484
Plone CMS URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2006-1711
Plone CMS Other Vulnerability
Medium
CVE-2013-4193
Plone CMS Permissions Privileges and Access Controls Vulnerability
Medium
CVE-2013-4194
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium