| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
Plone CMS Improper Input Validation Vulnerability (CVE-2013-4192)
|
CVE-2013-4192
CWE-20
|
CWE-20
|
Medium
|
|
Plone CMS Improper Input Validation Vulnerability (CVE-2013-4195)
|
CVE-2013-4195
CWE-20
|
CWE-20
|
Medium
|
|
Plone CMS Improper Input Validation Vulnerability (CVE-2013-4197)
|
CVE-2013-4197
CWE-20
|
CWE-20
|
Medium
|
|
Plone CMS Improper Input Validation Vulnerability (CVE-2013-4199)
|
CVE-2013-4199
CWE-20
|
CWE-20
|
Low
|
|
Plone CMS Improper Input Validation Vulnerability (CVE-2015-7318)
|
CVE-2015-7318
CWE-20
|
CWE-20
|
High
|
|
Plone CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2016-7135)
|
CVE-2016-7135
CWE-22
|
CWE-22
|
Medium
|
|
Plone CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)
|
CVE-2021-32633
CWE-22
|
CWE-22
|
High
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-4571)
|
CVE-2008-4571
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2422)
|
CVE-2010-2422
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1340)
|
CVE-2011-1340
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1948)
|
CVE-2011-1948
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1949)
|
CVE-2011-1949
CWE-707
|
CWE-707
|
Low
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5490)
|
CVE-2012-5490
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5494)
|
CVE-2012-5494
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5502)
|
CVE-2012-5502
CWE-707
|
CWE-707
|
Low
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5504)
|
CVE-2012-5504
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4190)
|
CVE-2013-4190
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-7062)
|
CVE-2013-7062
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-7316)
|
CVE-2015-7316
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7136)
|
CVE-2016-7136
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7138)
|
CVE-2016-7138
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7139)
|
CVE-2016-7139
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7140)
|
CVE-2016-7140
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7147)
|
CVE-2016-7147
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-1000482)
|
CVE-2017-1000482
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-7937)
|
CVE-2020-7937
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3313)
|
CVE-2021-3313
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29002)
|
CVE-2021-29002
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33507)
|
CVE-2021-33507
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33508)
|
CVE-2021-33508
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33512)
|
CVE-2021-33512
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33513)
|
CVE-2021-33513
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35959)
|
CVE-2021-35959
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23599)
|
CVE-2022-23599
CWE-707
|
CWE-707
|
Medium
|
|
Plone CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-7939)
|
CVE-2020-7939
CWE-138
|
CWE-138
|
High
|
|
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7938)
|
CVE-2020-7938
CWE-269
|
CWE-269
|
High
|
|
Plone CMS Improper Privilege Management Vulnerability (CVE-2020-7941)
|
CVE-2020-7941
CWE-269
|
CWE-269
|
Critical
|
|
Plone CMS Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2024-0669)
|
CVE-2024-0669
CWE-1021
|
CWE-1021
|
High
|
|
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28734)
|
CVE-2020-28734
CWE-611
|
CWE-611
|
High
|
|
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736)
|
CVE-2020-28736
CWE-611
|
CWE-611
|
High
|
|
Plone CMS Incorrect Default Permissions Vulnerability (CVE-2024-22889)
|
CVE-2024-22889
CWE-276
|
CWE-276
|
High
|
|
Plone CMS Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-33509)
|
CVE-2021-33509
CWE-732
|
CWE-732
|
Critical
|
|
Plone CMS Missing Authentication for Critical Function Vulnerability (CVE-2020-35190)
|
CVE-2020-35190
CWE-306
|
CWE-306
|
Critical
|
|
Plone CMS Other Vulnerability (CVE-2006-1711)
|
CVE-2006-1711
|
|
Medium
|
|
Plone CMS Other Vulnerability (CVE-2006-4247)
|
CVE-2006-4247
|
|
Medium
|
|
Plone CMS Other Vulnerability (CVE-2006-4249)
|
CVE-2006-4249
|
|
Medium
|
|
Plone CMS Other Vulnerability (CVE-2012-5486)
|
CVE-2012-5486
|
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-1950)
|
CVE-2011-1950
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4030)
|
CVE-2011-4030
CWE-264
|
CWE-264
|
Critical
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5487)
|
CVE-2012-5487
CWE-264
|
CWE-264
|
High
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5489)
|
CVE-2012-5489
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5498)
|
CVE-2012-5498
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5501)
|
CVE-2012-5501
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4191)
|
CVE-2013-4191
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4193)
|
CVE-2013-4193
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4196)
|
CVE-2013-4196
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4198)
|
CVE-2013-4198
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4200)
|
CVE-2013-4200
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-7061)
|
CVE-2013-7061
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-7317)
|
CVE-2015-7317
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4041)
|
CVE-2016-4041
CWE-264
|
CWE-264
|
High
|
|
Plone CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-4043)
|
CVE-2016-4043
CWE-264
|
CWE-264
|
Medium
|
|
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5496)
|
CVE-2012-5496
|
|
Medium
|
|
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5499)
|
CVE-2012-5499
|
|
Medium
|
|
Plone CMS Resource Management Errors Vulnerability (CVE-2012-5506)
|
CVE-2012-5506
|
|
Medium
|
|
Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188)
|
CVE-2013-4188
|
|
Medium
|
|
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-28735)
|
CVE-2020-28735
CWE-918
|
CWE-918
|
High
|
|
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33510)
|
CVE-2021-33510
CWE-918
|
CWE-918
|
Medium
|
|
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33511)
|
CVE-2021-33511
CWE-918
|
CWE-918
|
High
|
|
Plone CMS Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-33926)
|
CVE-2021-33926
CWE-918
|
CWE-918
|
High
|
|
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2016-7137)
|
CVE-2016-7137
CWE-601
|
CWE-601
|
Medium
|
|
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000481)
|
CVE-2017-1000481
CWE-601
|
CWE-601
|
Medium
|
|
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)
|
CVE-2017-1000484
CWE-601
|
CWE-601
|
Medium
|
|
Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-7936)
|
CVE-2020-7936
CWE-601
|
CWE-601
|
Medium
|
|
Plone CMS Use of Externally-Controlled Format String Vulnerability (CVE-2017-5524)
|
CVE-2017-5524
CWE-134
|
CWE-134
|
Medium
|
