| purl | pkg:pypi/plone@4.3a0 |

| Vulnerability | Summary | Fixed by |
|---|---|---|
| VCID-3uw2-j3r6-77ch Aliases: CVE-2012-5494, GHSA-3g6w-4m7x-97v6, PYSEC-2014-36 | Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "{u,}translate." | Affected by 31 other vulnerabilities. |
| VCID-4hzn-mj8g-37ew Aliases: CVE-2012-5504, GHSA-5whw-5cmm-9jw4, PYSEC-2014-46 | Cross-site scripting (XSS) vulnerability in widget_traversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Affected by 31 other vulnerabilities. |
| VCID-hzgj-wca9-z3d1 Aliases: CVE-2012-5498, GHSA-97rj-p794-wq6m, PYSEC-2014-40 | queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection. | Affected by 31 other vulnerabilities. |
| VCID-k34d-p9vb-g7by Aliases: CVE-2012-5508, GHSA-wprr-mc54-c62q, PYSEC-2014-50 | The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6661 was assigned for the PRNG reseeding issue in Zope. | Affected by 31 other vulnerabilities. |

| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | | |

| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-30T20:59:25.509210+00:00 | GitLab Importer | Affected by | VCID-k34d-p9vb-g7by | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Plone/CVE-2012-5508.yml | 38.6.0 |
| 2026-05-30T20:59:24.392885+00:00 | GitLab Importer | Affected by | VCID-3uw2-j3r6-77ch | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Plone/CVE-2012-5494.yml | 38.6.0 |
| 2026-05-30T20:59:24.241055+00:00 | GitLab Importer | Affected by | VCID-hzgj-wca9-z3d1 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Plone/CVE-2012-5498.yml | 38.6.0 |
| 2026-05-30T20:59:21.374421+00:00 | GitLab Importer | Affected by | VCID-4hzn-mj8g-37ew | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/Plone/CVE-2012-5504.yml | 38.6.0 |