Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/plone@3.2.3
Typepypi
Namespace
Nameplone
Version3.2.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version3.3.7
Latest_non_vulnerable_version6.0.10
Affected_by_vulnerabilities
0
url VCID-17pb-bgga-8ygp
vulnerability_id VCID-17pb-bgga-8ygp
summary queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5498.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5498.json
3
reference_url https://access.redhat.com/security/cve/CVE-2012-5498
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5498
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5498
reference_id
reference_type
scores
0
value 0.01001
scoring_system epss
scoring_elements 0.7743
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5498
5
reference_url https://github.com/advisories/GHSA-97rj-p794-wq6m
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-97rj-p794-wq6m
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-40.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-40.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5498
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5498
10
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
11
reference_url https://plone.org/products/plone/security/advisories/20121106/14
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/14
12
reference_url https://web.archive.org/web/20130528001715/https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130528001715/https://plone.org/products/plone-hotfix/releases/20121106
13
reference_url https://web.archive.org/web/20131103191705/https://plone.org/products/plone/security/advisories/20121106/14
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131103191705/https://plone.org/products/plone/security/advisories/20121106/14
14
reference_url http://www.openwall.com/lists/oss-security/2012/11/09/7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/09/7
15
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874665
reference_id 874665
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=874665
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5498, GHSA-97rj-p794-wq6m, PYSEC-2014-40
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-17pb-bgga-8ygp
1
url VCID-1e1b-7fkz-rybz
vulnerability_id VCID-1e1b-7fkz-rybz
summary traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers with administrator privileges to cause a denial of service (infinite loop and resource consumption) via unspecified vectors related to "retrieving information for certain resources."
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4188
reference_id
reference_type
scores
0
value 0.00564
scoring_system epss
scoring_elements 0.68875
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4188
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978449
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978449
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-w3pw-qxjj-6prr
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-w3pw-qxjj-6prr
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-52.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-52.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4188
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4188
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4188, GHSA-w3pw-qxjj-6prr, PYSEC-2014-52
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1e1b-7fkz-rybz
2
url VCID-1j4m-pw7f-augk
vulnerability_id VCID-1j4m-pw7f-augk
summary Plone Cross-site Scripting vulnerability
references
0
reference_url http://osvdb.org/72728
reference_id
reference_type
scores
url http://osvdb.org/72728
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1949.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1949.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1949
reference_id
reference_type
scores
0
value 0.00375
scoring_system epss
scoring_elements 0.59553
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1949
3
reference_url http://secunia.com/advisories/44775
reference_id
reference_type
scores
url http://secunia.com/advisories/44775
4
reference_url http://secunia.com/advisories/44776
reference_id
reference_type
scores
url http://secunia.com/advisories/44776
5
reference_url http://securityreason.com/securityalert/8269
reference_id
reference_type
scores
url http://securityreason.com/securityalert/8269
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/67694
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/67694
7
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-15.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-15.yaml
9
reference_url http://www.securityfocus.com/archive/1/518155/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/518155/100/0/threaded
10
reference_url http://www.securityfocus.com/bid/48005
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/48005
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=711495
reference_id 711495
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=711495
12
reference_url http://plone.org/products/plone/security/advisories/CVE-2011-1949
reference_id CVE-2011-1949
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/CVE-2011-1949
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-1949
reference_id CVE-2011-1949
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-1949
14
reference_url https://github.com/advisories/GHSA-h6hq-c896-w882
reference_id GHSA-h6hq-c896-w882
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h6hq-c896-w882
fixed_packages
0
url pkg:pypi/plone@3.3.6
purl pkg:pypi/plone@3.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-7zku-wweg-xua6
21
vulnerability VCID-9qpy-74mb-cfc6
22
vulnerability VCID-afnm-51yp-4bhc
23
vulnerability VCID-asdu-my4z-4kct
24
vulnerability VCID-br6e-6exv-ykg6
25
vulnerability VCID-cfen-6xpt-rqa3
26
vulnerability VCID-d874-w13w-qkey
27
vulnerability VCID-dur5-cy82-1kex
28
vulnerability VCID-dwph-zncb-fkhv
29
vulnerability VCID-ezb4-3xtr-h3g6
30
vulnerability VCID-fpv9-t5ew-aqe2
31
vulnerability VCID-fxx5-msd8-1fh8
32
vulnerability VCID-fz81-dgb8-27gh
33
vulnerability VCID-hb8u-3ubs-x7hf
34
vulnerability VCID-hgwu-kg1s-ffcn
35
vulnerability VCID-jduh-f7z9-3qcc
36
vulnerability VCID-jp3d-8ja2-c3a6
37
vulnerability VCID-kcx4-zkp3-xucf
38
vulnerability VCID-kmz7-9j1z-6fdp
39
vulnerability VCID-m758-7mkw-g7ac
40
vulnerability VCID-m7pv-me1q-6kh7
41
vulnerability VCID-m98v-y63a-1yfr
42
vulnerability VCID-mqru-hkfz-xkan
43
vulnerability VCID-mu4f-29hh-dbhp
44
vulnerability VCID-n722-gtzf-gqgd
45
vulnerability VCID-nedk-vykq-xfda
46
vulnerability VCID-nkez-59zg-8fan
47
vulnerability VCID-nzjx-cckn-dfbc
48
vulnerability VCID-p3mr-uajx-k7gg
49
vulnerability VCID-pbhm-ufh6-cufd
50
vulnerability VCID-pv6u-hm6u-hbc1
51
vulnerability VCID-q5np-v195-tkbz
52
vulnerability VCID-qmqy-eng1-3ka6
53
vulnerability VCID-qww5-d5cg-jfb5
54
vulnerability VCID-rdn1-sepc-xbdm
55
vulnerability VCID-rmp2-rsv7-auds
56
vulnerability VCID-rqej-4883-q3ee
57
vulnerability VCID-rsqs-u4ct-gbar
58
vulnerability VCID-rx3j-xjyn-6qbj
59
vulnerability VCID-rxv3-yw68-a3cp
60
vulnerability VCID-su9w-erpw-mqc3
61
vulnerability VCID-t8kn-cm9s-yfgv
62
vulnerability VCID-tw7a-kck8-83dq
63
vulnerability VCID-utck-uem9-n7a6
64
vulnerability VCID-uty1-5bvq-ffda
65
vulnerability VCID-vym8-d8sa-bye2
66
vulnerability VCID-w7wr-p69p-13dw
67
vulnerability VCID-wxg7-n2p4-ayhw
68
vulnerability VCID-wxz6-ka2n-jbdz
69
vulnerability VCID-xpdr-51cb-yudn
70
vulnerability VCID-xsyw-pfvg-4qfm
71
vulnerability VCID-ys36-9r8f-63ab
72
vulnerability VCID-ys4v-vwrn-4fa7
73
vulnerability VCID-z48y-dbfw-ubea
74
vulnerability VCID-znrm-edqa-nfbe
75
vulnerability VCID-zny3-fyqj-h7bm
76
vulnerability VCID-zpcq-187m-p3hk
77
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@3.3.6
1
url pkg:pypi/plone@4.0.6
purl pkg:pypi/plone@4.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-8kb4-bxbj-4udw
21
vulnerability VCID-9qpy-74mb-cfc6
22
vulnerability VCID-afnm-51yp-4bhc
23
vulnerability VCID-bdam-dhg3-5kap
24
vulnerability VCID-br6e-6exv-ykg6
25
vulnerability VCID-cfen-6xpt-rqa3
26
vulnerability VCID-d874-w13w-qkey
27
vulnerability VCID-dur5-cy82-1kex
28
vulnerability VCID-dwph-zncb-fkhv
29
vulnerability VCID-ezb4-3xtr-h3g6
30
vulnerability VCID-fpv9-t5ew-aqe2
31
vulnerability VCID-fxx5-msd8-1fh8
32
vulnerability VCID-fz81-dgb8-27gh
33
vulnerability VCID-hb8u-3ubs-x7hf
34
vulnerability VCID-hgwu-kg1s-ffcn
35
vulnerability VCID-jduh-f7z9-3qcc
36
vulnerability VCID-jp3d-8ja2-c3a6
37
vulnerability VCID-kcx4-zkp3-xucf
38
vulnerability VCID-kmz7-9j1z-6fdp
39
vulnerability VCID-m7pv-me1q-6kh7
40
vulnerability VCID-m98v-y63a-1yfr
41
vulnerability VCID-mqru-hkfz-xkan
42
vulnerability VCID-mu4f-29hh-dbhp
43
vulnerability VCID-n722-gtzf-gqgd
44
vulnerability VCID-nedk-vykq-xfda
45
vulnerability VCID-nkez-59zg-8fan
46
vulnerability VCID-nr4g-tdxq-byhh
47
vulnerability VCID-nzjx-cckn-dfbc
48
vulnerability VCID-p3mr-uajx-k7gg
49
vulnerability VCID-pbhm-ufh6-cufd
50
vulnerability VCID-pv6u-hm6u-hbc1
51
vulnerability VCID-q5np-v195-tkbz
52
vulnerability VCID-qmqy-eng1-3ka6
53
vulnerability VCID-qww5-d5cg-jfb5
54
vulnerability VCID-rdn1-sepc-xbdm
55
vulnerability VCID-rmp2-rsv7-auds
56
vulnerability VCID-rqej-4883-q3ee
57
vulnerability VCID-rsqs-u4ct-gbar
58
vulnerability VCID-rx3j-xjyn-6qbj
59
vulnerability VCID-rxv3-yw68-a3cp
60
vulnerability VCID-su9w-erpw-mqc3
61
vulnerability VCID-t8kn-cm9s-yfgv
62
vulnerability VCID-tkhq-78vd-aygx
63
vulnerability VCID-tw7a-kck8-83dq
64
vulnerability VCID-utck-uem9-n7a6
65
vulnerability VCID-uty1-5bvq-ffda
66
vulnerability VCID-vym8-d8sa-bye2
67
vulnerability VCID-w7wr-p69p-13dw
68
vulnerability VCID-wxg7-n2p4-ayhw
69
vulnerability VCID-wxz6-ka2n-jbdz
70
vulnerability VCID-xpdr-51cb-yudn
71
vulnerability VCID-xsyw-pfvg-4qfm
72
vulnerability VCID-ys36-9r8f-63ab
73
vulnerability VCID-ys4v-vwrn-4fa7
74
vulnerability VCID-z48y-dbfw-ubea
75
vulnerability VCID-znrm-edqa-nfbe
76
vulnerability VCID-zny3-fyqj-h7bm
77
vulnerability VCID-zpcq-187m-p3hk
78
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.6
2
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
aliases CVE-2011-1949, GHSA-h6hq-c896-w882, PYSEC-2011-15
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1j4m-pw7f-augk
3
url VCID-1rvm-wt1t-kucb
vulnerability_id VCID-1rvm-wt1t-kucb
summary Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the obj_ids:tokens parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7140.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7147
reference_id
reference_type
scores
0
value 0.00299
scoring_system epss
scoring_elements 0.53638
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7147
1
reference_url https://github.com/advisories/GHSA-84jm-cpc5-c7g7
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-84jm-cpc5-c7g7
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-64.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-64.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7147
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7147
5
reference_url https://plone.org/security/hotfix/20170117
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20170117
6
reference_url https://plone.org/security/hotfix/20170117/non-persistent-xss-in-zope2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20170117/non-persistent-xss-in-zope2
7
reference_url https://web.archive.org/web/20170214002551/http://www.securityfocus.com/bid/96117
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170214002551/http://www.securityfocus.com/bid/96117
8
reference_url https://www.curesec.com/blog/article/blog/Plone-XSS-186.html
reference_id
reference_type
scores
url https://www.curesec.com/blog/article/blog/Plone-XSS-186.html
9
reference_url http://www.curesec.com/blog/article/blog/Plone-XSS-186.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.curesec.com/blog/article/blog/Plone-XSS-186.html
10
reference_url http://www.securityfocus.com/bid/96117
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96117
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-37gz-3kz2-pyh5
2
vulnerability VCID-4yk1-dgbv-rubx
3
vulnerability VCID-7h1m-1f34-5qcs
4
vulnerability VCID-7w2h-6rxu-xqcd
5
vulnerability VCID-8kb4-bxbj-4udw
6
vulnerability VCID-9qpy-74mb-cfc6
7
vulnerability VCID-br6e-6exv-ykg6
8
vulnerability VCID-d874-w13w-qkey
9
vulnerability VCID-hb8u-3ubs-x7hf
10
vulnerability VCID-hgwu-kg1s-ffcn
11
vulnerability VCID-kzvb-7yn4-qbb9
12
vulnerability VCID-mu4f-29hh-dbhp
13
vulnerability VCID-n722-gtzf-gqgd
14
vulnerability VCID-nzjx-cckn-dfbc
15
vulnerability VCID-qmqy-eng1-3ka6
16
vulnerability VCID-rmp2-rsv7-auds
17
vulnerability VCID-t8kn-cm9s-yfgv
18
vulnerability VCID-tkhq-78vd-aygx
19
vulnerability VCID-ub1u-ev6d-sugd
20
vulnerability VCID-utck-uem9-n7a6
21
vulnerability VCID-w7wr-p69p-13dw
22
vulnerability VCID-ys36-9r8f-63ab
23
vulnerability VCID-z48y-dbfw-ubea
24
vulnerability VCID-znrm-edqa-nfbe
25
vulnerability VCID-zny3-fyqj-h7bm
26
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-2ym8-nhsc-j7hf
2
vulnerability VCID-37gz-3kz2-pyh5
3
vulnerability VCID-4yk1-dgbv-rubx
4
vulnerability VCID-6e71-df37-yyf1
5
vulnerability VCID-7w2h-6rxu-xqcd
6
vulnerability VCID-8kb4-bxbj-4udw
7
vulnerability VCID-9qpy-74mb-cfc6
8
vulnerability VCID-br6e-6exv-ykg6
9
vulnerability VCID-d874-w13w-qkey
10
vulnerability VCID-hb8u-3ubs-x7hf
11
vulnerability VCID-hgwu-kg1s-ffcn
12
vulnerability VCID-kzvb-7yn4-qbb9
13
vulnerability VCID-m1gb-mydp-bbez
14
vulnerability VCID-mu4f-29hh-dbhp
15
vulnerability VCID-n722-gtzf-gqgd
16
vulnerability VCID-nzjx-cckn-dfbc
17
vulnerability VCID-qmqy-eng1-3ka6
18
vulnerability VCID-rmp2-rsv7-auds
19
vulnerability VCID-t8kn-cm9s-yfgv
20
vulnerability VCID-tkhq-78vd-aygx
21
vulnerability VCID-ub1u-ev6d-sugd
22
vulnerability VCID-utck-uem9-n7a6
23
vulnerability VCID-w7wr-p69p-13dw
24
vulnerability VCID-ys36-9r8f-63ab
25
vulnerability VCID-z48y-dbfw-ubea
26
vulnerability VCID-znrm-edqa-nfbe
27
vulnerability VCID-zny3-fyqj-h7bm
28
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
aliases CVE-2016-7147, GHSA-84jm-cpc5-c7g7, PYSEC-2017-64
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1rvm-wt1t-kucb
4
url VCID-213v-yc9d-u7dx
vulnerability_id VCID-213v-yc9d-u7dx
summary Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28734
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65733
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28734
1
reference_url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
2
reference_url https://github.com/advisories/GHSA-wq6x-g685-w5f2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-wq6x-g685-w5f2
3
reference_url https://github.com/plone/Products.CMFPlone/issues/3209
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/3209
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-246.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-246.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28734
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28734
6
reference_url https://www.misakikata.com/codes/plone/python-en.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.misakikata.com/codes/plone/python-en.html
fixed_packages
0
url pkg:pypi/plone@5.2.3
purl pkg:pypi/plone@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ym8-nhsc-j7hf
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7w2h-6rxu-xqcd
3
vulnerability VCID-9qpy-74mb-cfc6
4
vulnerability VCID-br6e-6exv-ykg6
5
vulnerability VCID-d874-w13w-qkey
6
vulnerability VCID-hb8u-3ubs-x7hf
7
vulnerability VCID-hgwu-kg1s-ffcn
8
vulnerability VCID-mu4f-29hh-dbhp
9
vulnerability VCID-qmqy-eng1-3ka6
10
vulnerability VCID-z48y-dbfw-ubea
11
vulnerability VCID-znrm-edqa-nfbe
12
vulnerability VCID-zny3-fyqj-h7bm
13
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3
aliases CVE-2020-28734, GHSA-wq6x-g685-w5f2, PYSEC-2020-246
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-213v-yc9d-u7dx
5
url VCID-21n8-a2su-nbbd
vulnerability_id VCID-21n8-a2su-nbbd
summary Cross-site scripting in Products.CMFPlone and Products.PasswordResetTool
references
0
reference_url http://osvdb.org/72727
reference_id
reference_type
scores
url http://osvdb.org/72727
1
reference_url https://access.redhat.com/errata/RHSA-2012:0151
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2012:0151
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1948.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1948.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1948
reference_id
reference_type
scores
0
value 0.00529
scoring_system epss
scoring_elements 0.67628
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1948
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=711494
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=711494
5
reference_url http://secunia.com/advisories/44775
reference_id
reference_type
scores
url http://secunia.com/advisories/44775
6
reference_url http://secunia.com/advisories/44776
reference_id
reference_type
scores
url http://secunia.com/advisories/44776
7
reference_url http://securityreason.com/securityalert/8269
reference_id
reference_type
scores
url http://securityreason.com/securityalert/8269
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/67693
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/67693
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-14.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-14.yaml
10
reference_url http://www.securityfocus.com/archive/1/518155/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/518155/100/0/threaded
11
reference_url http://www.securityfocus.com/bid/48005
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/48005
12
reference_url http://plone.org/products/plone/security/advisories/CVE-2011-1948
reference_id CVE-2011-1948
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/CVE-2011-1948
13
reference_url https://access.redhat.com/security/cve/CVE-2011-1948
reference_id CVE-2011-1948
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2011-1948
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-1948
reference_id CVE-2011-1948
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-1948
15
reference_url https://github.com/advisories/GHSA-p7h9-vf92-5fj5
reference_id GHSA-p7h9-vf92-5fj5
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-p7h9-vf92-5fj5
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
aliases CVE-2011-1948, GHSA-p7h9-vf92-5fj5, PYSEC-2011-14
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-21n8-a2su-nbbd
6
url VCID-2ped-pk9p-5be3
vulnerability_id VCID-2ped-pk9p-5be3
summary gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5493.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5493.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5493
reference_id
reference_type
scores
0
value 0.0041
scoring_system epss
scoring_elements 0.61748
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5493
2
reference_url https://github.com/advisories/GHSA-25jh-5h5r-h33m
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-25jh-5h5r-h33m
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-35.yaml
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-35.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5493
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5493
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/09
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/09
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874704
reference_id 874704
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874704
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5493, GHSA-25jh-5h5r-h33m, PYSEC-2014-35
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ped-pk9p-5be3
7
url VCID-37gz-3kz2-pyh5
vulnerability_id VCID-37gz-3kz2-pyh5
summary A member of the Plone 2.5-5.1rc1 site could set javascript in the home_page property of his profile, and have this executed when a visitor click the home page link on the author page.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000482.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000482.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000482
reference_id
reference_type
scores
0
value 0.00287
scoring_system epss
scoring_elements 0.52554
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000482
2
reference_url https://github.com/advisories/GHSA-859j-668v-mrr6
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-859j-668v-mrr6
3
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
4
reference_url https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
5
reference_url https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
6
reference_url https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
7
reference_url https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
8
reference_url https://github.com/plone/Products.CMFPlone/issues/2232
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/2232
9
reference_url https://github.com/plone/Products.CMFPlone/pull/2233
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2233
10
reference_url https://github.com/plone/Products.CMFPlone/pull/2234
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2234
11
reference_url https://github.com/plone/Products.CMFPlone/pull/2235
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2235
12
reference_url https://github.com/plone/Products.CMFPlone/pull/2236
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2236
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-71.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-71.yaml
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000482
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000482
15
reference_url https://plone.org/security/hotfix/20171128/xss-using-the-home_page-member-property
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20171128/xss-using-the-home_page-member-property
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1532485
reference_id 1532485
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1532485
fixed_packages
0
url pkg:pypi/plone@4.3.16
purl pkg:pypi/plone@4.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7h1m-1f34-5qcs
3
vulnerability VCID-7w2h-6rxu-xqcd
4
vulnerability VCID-8kb4-bxbj-4udw
5
vulnerability VCID-9qpy-74mb-cfc6
6
vulnerability VCID-br6e-6exv-ykg6
7
vulnerability VCID-d874-w13w-qkey
8
vulnerability VCID-hb8u-3ubs-x7hf
9
vulnerability VCID-hgwu-kg1s-ffcn
10
vulnerability VCID-kzvb-7yn4-qbb9
11
vulnerability VCID-mu4f-29hh-dbhp
12
vulnerability VCID-n722-gtzf-gqgd
13
vulnerability VCID-nzjx-cckn-dfbc
14
vulnerability VCID-qmqy-eng1-3ka6
15
vulnerability VCID-rmp2-rsv7-auds
16
vulnerability VCID-t8kn-cm9s-yfgv
17
vulnerability VCID-tkhq-78vd-aygx
18
vulnerability VCID-ub1u-ev6d-sugd
19
vulnerability VCID-utck-uem9-n7a6
20
vulnerability VCID-z48y-dbfw-ubea
21
vulnerability VCID-znrm-edqa-nfbe
22
vulnerability VCID-zny3-fyqj-h7bm
23
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16
1
url pkg:pypi/plone@5.1.0
purl pkg:pypi/plone@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-2ym8-nhsc-j7hf
2
vulnerability VCID-4yk1-dgbv-rubx
3
vulnerability VCID-7w2h-6rxu-xqcd
4
vulnerability VCID-8kb4-bxbj-4udw
5
vulnerability VCID-9qpy-74mb-cfc6
6
vulnerability VCID-br6e-6exv-ykg6
7
vulnerability VCID-d874-w13w-qkey
8
vulnerability VCID-hb8u-3ubs-x7hf
9
vulnerability VCID-hgwu-kg1s-ffcn
10
vulnerability VCID-kzvb-7yn4-qbb9
11
vulnerability VCID-m1gb-mydp-bbez
12
vulnerability VCID-mu4f-29hh-dbhp
13
vulnerability VCID-qmqy-eng1-3ka6
14
vulnerability VCID-t8kn-cm9s-yfgv
15
vulnerability VCID-tkhq-78vd-aygx
16
vulnerability VCID-ub1u-ev6d-sugd
17
vulnerability VCID-utck-uem9-n7a6
18
vulnerability VCID-z48y-dbfw-ubea
19
vulnerability VCID-znrm-edqa-nfbe
20
vulnerability VCID-zny3-fyqj-h7bm
21
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0
aliases CVE-2017-1000482, GHSA-859j-668v-mrr6, PYSEC-2018-71
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-37gz-3kz2-pyh5
8
url VCID-3rsq-dq49-uyfg
vulnerability_id VCID-3rsq-dq49-uyfg
summary Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5490.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5490.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5490
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52297
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5490
2
reference_url https://github.com/advisories/GHSA-q46g-v7r4-9vhr
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-q46g-v7r4-9vhr
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-32.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-32.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5490
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5490
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/06
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/06
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878968
reference_id 878968
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=878968
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5490, GHSA-q46g-v7r4-9vhr, PYSEC-2014-32
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3rsq-dq49-uyfg
9
url VCID-3ufm-n2ku-8uax
vulnerability_id VCID-3ufm-n2ku-8uax
summary python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to "go_back."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5495.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5495.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5495
reference_id
reference_type
scores
0
value 0.00638
scoring_system epss
scoring_elements 0.70976
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5495
2
reference_url https://github.com/advisories/GHSA-w6pw-5gh5-4952
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-w6pw-5gh5-4952
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-37.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-37.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5495
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5495
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/11
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/11
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874699
reference_id 874699
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874699
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5495, GHSA-w6pw-5gh5-4952, PYSEC-2014-37
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ufm-n2ku-8uax
10
url VCID-4qbd-mwc7-7kdw
vulnerability_id VCID-4qbd-mwc7-7kdw
summary Plone Denial of Service vulnerability
references
0
reference_url http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4462.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4462.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4462
reference_id
reference_type
scores
0
value 0.00925
scoring_system epss
scoring_elements 0.76478
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4462
3
reference_url http://secunia.com/advisories/47406
reference_id
reference_type
scores
url http://secunia.com/advisories/47406
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/72018
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/72018
5
reference_url https://github.com/plone/plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-22.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-22.yaml
7
reference_url http://www.kb.cert.org/vuls/id/903934
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.kb.cert.org/vuls/id/903934
8
reference_url http://www.nruns.com/_downloads/advisory28122011.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.nruns.com/_downloads/advisory28122011.pdf
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=781683
reference_id 781683
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=781683
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4462
reference_id CVE-2011-4462
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4462
11
reference_url http://www.ocert.org/advisories/ocert-2011-003.html
reference_id CVE-2011-4885;OSVDB-78115
reference_type exploit
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ocert.org/advisories/ocert-2011-003.html
12
reference_url https://github.com/advisories/GHSA-pcwm-8jc3-qxvj
reference_id GHSA-pcwm-8jc3-qxvj
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-pcwm-8jc3-qxvj
fixed_packages
0
url pkg:pypi/plone@4.1.4
purl pkg:pypi/plone@4.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4r5c-efmk-8feu
11
vulnerability VCID-556h-c8hm-6qfc
12
vulnerability VCID-5qmx-515u-dbdq
13
vulnerability VCID-6xwh-jvge-fkf9
14
vulnerability VCID-7h1m-1f34-5qcs
15
vulnerability VCID-7w2h-6rxu-xqcd
16
vulnerability VCID-8kb4-bxbj-4udw
17
vulnerability VCID-9qpy-74mb-cfc6
18
vulnerability VCID-br6e-6exv-ykg6
19
vulnerability VCID-d874-w13w-qkey
20
vulnerability VCID-ezb4-3xtr-h3g6
21
vulnerability VCID-fpv9-t5ew-aqe2
22
vulnerability VCID-fxx5-msd8-1fh8
23
vulnerability VCID-fz81-dgb8-27gh
24
vulnerability VCID-hb8u-3ubs-x7hf
25
vulnerability VCID-hgwu-kg1s-ffcn
26
vulnerability VCID-jduh-f7z9-3qcc
27
vulnerability VCID-jp3d-8ja2-c3a6
28
vulnerability VCID-kcx4-zkp3-xucf
29
vulnerability VCID-m98v-y63a-1yfr
30
vulnerability VCID-mqru-hkfz-xkan
31
vulnerability VCID-mu4f-29hh-dbhp
32
vulnerability VCID-n722-gtzf-gqgd
33
vulnerability VCID-nkez-59zg-8fan
34
vulnerability VCID-nr4g-tdxq-byhh
35
vulnerability VCID-nzjx-cckn-dfbc
36
vulnerability VCID-p3mr-uajx-k7gg
37
vulnerability VCID-pbhm-ufh6-cufd
38
vulnerability VCID-pv6u-hm6u-hbc1
39
vulnerability VCID-q5np-v195-tkbz
40
vulnerability VCID-qmqy-eng1-3ka6
41
vulnerability VCID-qww5-d5cg-jfb5
42
vulnerability VCID-rmp2-rsv7-auds
43
vulnerability VCID-rqej-4883-q3ee
44
vulnerability VCID-rsqs-u4ct-gbar
45
vulnerability VCID-rx3j-xjyn-6qbj
46
vulnerability VCID-rxv3-yw68-a3cp
47
vulnerability VCID-t8kn-cm9s-yfgv
48
vulnerability VCID-tkhq-78vd-aygx
49
vulnerability VCID-tw7a-kck8-83dq
50
vulnerability VCID-utck-uem9-n7a6
51
vulnerability VCID-w7wr-p69p-13dw
52
vulnerability VCID-wxg7-n2p4-ayhw
53
vulnerability VCID-xpdr-51cb-yudn
54
vulnerability VCID-xsyw-pfvg-4qfm
55
vulnerability VCID-ys36-9r8f-63ab
56
vulnerability VCID-ys4v-vwrn-4fa7
57
vulnerability VCID-z48y-dbfw-ubea
58
vulnerability VCID-znrm-edqa-nfbe
59
vulnerability VCID-zny3-fyqj-h7bm
60
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.4
aliases CVE-2011-4462, GHSA-pcwm-8jc3-qxvj, PYSEC-2011-22
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qbd-mwc7-7kdw
11
url VCID-4r5c-efmk-8feu
vulnerability_id VCID-4r5c-efmk-8feu
summary python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5499.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5499.json
3
reference_url https://access.redhat.com/security/cve/CVE-2012-5499
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5499
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5499
reference_id
reference_type
scores
0
value 0.00887
scoring_system epss
scoring_elements 0.75932
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5499
5
reference_url https://github.com/advisories/GHSA-wrf2-2rch-cmr9
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-wrf2-2rch-cmr9
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-41.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-41.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5499
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5499
10
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
11
reference_url https://plone.org/products/plone/security/advisories/20121106/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/15
12
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874657
reference_id 874657
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=874657
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5499, GHSA-wrf2-2rch-cmr9, PYSEC-2014-41
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4r5c-efmk-8feu
12
url VCID-556h-c8hm-6qfc
vulnerability_id VCID-556h-c8hm-6qfc
summary atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5505.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5505.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5505
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55373
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5505
2
reference_url https://github.com/advisories/GHSA-cq5g-924m-7fxh
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-cq5g-924m-7fxh
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-47.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-47.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5505
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5505
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/21
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874214
reference_id 874214
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874214
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5505, GHSA-cq5g-924m-7fxh, PYSEC-2014-47
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-556h-c8hm-6qfc
13
url VCID-6xwh-jvge-fkf9
vulnerability_id VCID-6xwh-jvge-fkf9
summary Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "{u,}translate."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5494.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5494.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5494
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52297
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5494
2
reference_url https://github.com/advisories/GHSA-3g6w-4m7x-97v6
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-3g6w-4m7x-97v6
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-36.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-36.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5494
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5494
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/10
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874703
reference_id 874703
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874703
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5494, GHSA-3g6w-4m7x-97v6, PYSEC-2014-36
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xwh-jvge-fkf9
14
url VCID-7h1m-1f34-5qcs
vulnerability_id VCID-7h1m-1f34-5qcs
summary Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
references
0
reference_url http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt
1
reference_url http://packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7293
reference_id
reference_type
scores
0
value 0.00332
scoring_system epss
scoring_elements 0.56486
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7293
3
reference_url https://github.com/advisories/GHSA-p3qm-44cf-f8qx
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-p3qm-44cf-f8qx
4
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-51.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-51.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7293
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7293
7
reference_url https://plone.org/security/hotfix/20151006
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20151006
8
reference_url https://pypi.python.org/pypi/plone4.csrffixes
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pypi.python.org/pypi/plone4.csrffixes
9
reference_url https://www.exploit-db.com/exploits/38411
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/38411
10
reference_url https://www.exploit-db.com/exploits/38411/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/38411/
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38411.txt
reference_id CVE-2015-7293;OSVDB-128533;OSVDB-128532
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38411.txt
12
reference_url https://plone.org/products/plone/security/advisories/security-vulnerability-20151006-csrf
reference_id CVE-2015-7293;OSVDB-128533;OSVDB-128532
reference_type exploit
scores
url https://plone.org/products/plone/security/advisories/security-vulnerability-20151006-csrf
fixed_packages
0
url pkg:pypi/plone@5.0a1
purl pkg:pypi/plone@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-213v-yc9d-u7dx
3
vulnerability VCID-37gz-3kz2-pyh5
4
vulnerability VCID-3kbx-xrnj-nyfu
5
vulnerability VCID-4yk1-dgbv-rubx
6
vulnerability VCID-7w2h-6rxu-xqcd
7
vulnerability VCID-8kb4-bxbj-4udw
8
vulnerability VCID-9qpy-74mb-cfc6
9
vulnerability VCID-br6e-6exv-ykg6
10
vulnerability VCID-d874-w13w-qkey
11
vulnerability VCID-ezb4-3xtr-h3g6
12
vulnerability VCID-hb8u-3ubs-x7hf
13
vulnerability VCID-hgwu-kg1s-ffcn
14
vulnerability VCID-kzvb-7yn4-qbb9
15
vulnerability VCID-mu4f-29hh-dbhp
16
vulnerability VCID-n722-gtzf-gqgd
17
vulnerability VCID-nzjx-cckn-dfbc
18
vulnerability VCID-qmqy-eng1-3ka6
19
vulnerability VCID-rmp2-rsv7-auds
20
vulnerability VCID-rxv3-yw68-a3cp
21
vulnerability VCID-t8kn-cm9s-yfgv
22
vulnerability VCID-tkhq-78vd-aygx
23
vulnerability VCID-ub1u-ev6d-sugd
24
vulnerability VCID-utck-uem9-n7a6
25
vulnerability VCID-z48y-dbfw-ubea
26
vulnerability VCID-znrm-edqa-nfbe
27
vulnerability VCID-zny3-fyqj-h7bm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0a1
aliases CVE-2015-7293, GHSA-p3qm-44cf-f8qx, PYSEC-2017-51
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7h1m-1f34-5qcs
15
url VCID-7w2h-6rxu-xqcd
vulnerability_id VCID-7w2h-6rxu-xqcd
summary Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33507
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52353
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33507
1
reference_url https://github.com/advisories/GHSA-35rg-466w-77h3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-35rg-466w-77h3
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-79.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-79.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33507
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33507
4
reference_url https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots
5
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb8u-3ubs-x7hf
1
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33507, GHSA-35rg-466w-77h3, PYSEC-2021-79
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7w2h-6rxu-xqcd
16
url VCID-7zku-wweg-xua6
vulnerability_id VCID-7zku-wweg-xua6
summary Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.
references
0
reference_url http://osvdb.org/70753
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://osvdb.org/70753
1
reference_url http://plone.org/products/plone/security/advisories/cve-2011-0720
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/cve-2011-0720
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0720.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0720.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0720
reference_id
reference_type
scores
0
value 0.01407
scoring_system epss
scoring_elements 0.809
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0720
4
reference_url http://secunia.com/advisories/43146
reference_id
reference_type
scores
url http://secunia.com/advisories/43146
5
reference_url http://secunia.com/advisories/43914
reference_id
reference_type
scores
url http://secunia.com/advisories/43914
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/65099
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/65099
7
reference_url https://github.com/advisories/GHSA-3v28-9jjp-4g5w
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-3v28-9jjp-4g5w
8
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-13.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-13.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-0720
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-0720
11
reference_url https://plone.org/products/plone-hotfix/releases/CVE-2011-0720/logchecker.py
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/CVE-2011-0720/logchecker.py
12
reference_url https://seclists.org/fulldisclosure/2011/Apr/293
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://seclists.org/fulldisclosure/2011/Apr/293
13
reference_url https://web.archive.org/web/20110505051314/http://secunia.com/advisories/43914
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110505051314/http://secunia.com/advisories/43914
14
reference_url https://web.archive.org/web/20110826134658/http://secunia.com/advisories/43146
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20110826134658/http://secunia.com/advisories/43146
15
reference_url https://web.archive.org/web/20200229153953/http://www.securityfocus.com/bid/46102
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229153953/http://www.securityfocus.com/bid/46102
16
reference_url http://www.redhat.com/support/errata/RHSA-2011-0393.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2011-0393.html
17
reference_url http://www.redhat.com/support/errata/RHSA-2011-0394.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.redhat.com/support/errata/RHSA-2011-0394.html
18
reference_url http://www.securityfocus.com/bid/46102
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/46102
19
reference_url http://www.securitytracker.com/id?1025258
reference_id
reference_type
scores
url http://www.securitytracker.com/id?1025258
20
reference_url http://www.vupen.com/english/advisories/2011/0796
reference_id
reference_type
scores
url http://www.vupen.com/english/advisories/2011/0796
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=676961
reference_id 676961
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=676961
22
reference_url https://access.redhat.com/errata/RHSA-2011:0393
reference_id RHSA-2011:0393
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0393
23
reference_url https://access.redhat.com/errata/RHSA-2011:0394
reference_id RHSA-2011:0394
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0394
fixed_packages
0
url pkg:pypi/plone@4.0.1
purl pkg:pypi/plone@4.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-7zku-wweg-xua6
21
vulnerability VCID-8kb4-bxbj-4udw
22
vulnerability VCID-9qpy-74mb-cfc6
23
vulnerability VCID-afnm-51yp-4bhc
24
vulnerability VCID-bdam-dhg3-5kap
25
vulnerability VCID-br6e-6exv-ykg6
26
vulnerability VCID-cfen-6xpt-rqa3
27
vulnerability VCID-d874-w13w-qkey
28
vulnerability VCID-dur5-cy82-1kex
29
vulnerability VCID-dwph-zncb-fkhv
30
vulnerability VCID-ezb4-3xtr-h3g6
31
vulnerability VCID-fpv9-t5ew-aqe2
32
vulnerability VCID-fxx5-msd8-1fh8
33
vulnerability VCID-fz81-dgb8-27gh
34
vulnerability VCID-hb8u-3ubs-x7hf
35
vulnerability VCID-hgwu-kg1s-ffcn
36
vulnerability VCID-jduh-f7z9-3qcc
37
vulnerability VCID-jp3d-8ja2-c3a6
38
vulnerability VCID-kcx4-zkp3-xucf
39
vulnerability VCID-kmz7-9j1z-6fdp
40
vulnerability VCID-m7pv-me1q-6kh7
41
vulnerability VCID-m98v-y63a-1yfr
42
vulnerability VCID-mqru-hkfz-xkan
43
vulnerability VCID-mu4f-29hh-dbhp
44
vulnerability VCID-n722-gtzf-gqgd
45
vulnerability VCID-nedk-vykq-xfda
46
vulnerability VCID-nkez-59zg-8fan
47
vulnerability VCID-nr4g-tdxq-byhh
48
vulnerability VCID-nzjx-cckn-dfbc
49
vulnerability VCID-p3mr-uajx-k7gg
50
vulnerability VCID-pbhm-ufh6-cufd
51
vulnerability VCID-pv6u-hm6u-hbc1
52
vulnerability VCID-q5np-v195-tkbz
53
vulnerability VCID-qmqy-eng1-3ka6
54
vulnerability VCID-qww5-d5cg-jfb5
55
vulnerability VCID-rdn1-sepc-xbdm
56
vulnerability VCID-rmp2-rsv7-auds
57
vulnerability VCID-rqej-4883-q3ee
58
vulnerability VCID-rsqs-u4ct-gbar
59
vulnerability VCID-rx3j-xjyn-6qbj
60
vulnerability VCID-rxv3-yw68-a3cp
61
vulnerability VCID-su9w-erpw-mqc3
62
vulnerability VCID-t8kn-cm9s-yfgv
63
vulnerability VCID-tkhq-78vd-aygx
64
vulnerability VCID-tw7a-kck8-83dq
65
vulnerability VCID-utck-uem9-n7a6
66
vulnerability VCID-uty1-5bvq-ffda
67
vulnerability VCID-vym8-d8sa-bye2
68
vulnerability VCID-w7wr-p69p-13dw
69
vulnerability VCID-wxg7-n2p4-ayhw
70
vulnerability VCID-wxz6-ka2n-jbdz
71
vulnerability VCID-xpdr-51cb-yudn
72
vulnerability VCID-xsyw-pfvg-4qfm
73
vulnerability VCID-ys36-9r8f-63ab
74
vulnerability VCID-ys4v-vwrn-4fa7
75
vulnerability VCID-z48y-dbfw-ubea
76
vulnerability VCID-znrm-edqa-nfbe
77
vulnerability VCID-zny3-fyqj-h7bm
78
vulnerability VCID-zpcq-187m-p3hk
79
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.1
1
url pkg:pypi/plone@4.0.4
purl pkg:pypi/plone@4.0.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-8kb4-bxbj-4udw
21
vulnerability VCID-9qpy-74mb-cfc6
22
vulnerability VCID-afnm-51yp-4bhc
23
vulnerability VCID-bdam-dhg3-5kap
24
vulnerability VCID-br6e-6exv-ykg6
25
vulnerability VCID-cfen-6xpt-rqa3
26
vulnerability VCID-d874-w13w-qkey
27
vulnerability VCID-dur5-cy82-1kex
28
vulnerability VCID-dwph-zncb-fkhv
29
vulnerability VCID-ezb4-3xtr-h3g6
30
vulnerability VCID-fpv9-t5ew-aqe2
31
vulnerability VCID-fxx5-msd8-1fh8
32
vulnerability VCID-fz81-dgb8-27gh
33
vulnerability VCID-hb8u-3ubs-x7hf
34
vulnerability VCID-hgwu-kg1s-ffcn
35
vulnerability VCID-jduh-f7z9-3qcc
36
vulnerability VCID-jp3d-8ja2-c3a6
37
vulnerability VCID-kcx4-zkp3-xucf
38
vulnerability VCID-kmz7-9j1z-6fdp
39
vulnerability VCID-m7pv-me1q-6kh7
40
vulnerability VCID-m98v-y63a-1yfr
41
vulnerability VCID-mqru-hkfz-xkan
42
vulnerability VCID-mu4f-29hh-dbhp
43
vulnerability VCID-n722-gtzf-gqgd
44
vulnerability VCID-nedk-vykq-xfda
45
vulnerability VCID-nkez-59zg-8fan
46
vulnerability VCID-nr4g-tdxq-byhh
47
vulnerability VCID-nzjx-cckn-dfbc
48
vulnerability VCID-p3mr-uajx-k7gg
49
vulnerability VCID-pbhm-ufh6-cufd
50
vulnerability VCID-pv6u-hm6u-hbc1
51
vulnerability VCID-q5np-v195-tkbz
52
vulnerability VCID-qmqy-eng1-3ka6
53
vulnerability VCID-qww5-d5cg-jfb5
54
vulnerability VCID-rdn1-sepc-xbdm
55
vulnerability VCID-rmp2-rsv7-auds
56
vulnerability VCID-rqej-4883-q3ee
57
vulnerability VCID-rsqs-u4ct-gbar
58
vulnerability VCID-rx3j-xjyn-6qbj
59
vulnerability VCID-rxv3-yw68-a3cp
60
vulnerability VCID-su9w-erpw-mqc3
61
vulnerability VCID-t8kn-cm9s-yfgv
62
vulnerability VCID-tkhq-78vd-aygx
63
vulnerability VCID-tw7a-kck8-83dq
64
vulnerability VCID-utck-uem9-n7a6
65
vulnerability VCID-uty1-5bvq-ffda
66
vulnerability VCID-vym8-d8sa-bye2
67
vulnerability VCID-w7wr-p69p-13dw
68
vulnerability VCID-wxg7-n2p4-ayhw
69
vulnerability VCID-wxz6-ka2n-jbdz
70
vulnerability VCID-xpdr-51cb-yudn
71
vulnerability VCID-xsyw-pfvg-4qfm
72
vulnerability VCID-ys36-9r8f-63ab
73
vulnerability VCID-ys4v-vwrn-4fa7
74
vulnerability VCID-z48y-dbfw-ubea
75
vulnerability VCID-znrm-edqa-nfbe
76
vulnerability VCID-zny3-fyqj-h7bm
77
vulnerability VCID-zpcq-187m-p3hk
78
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.4
aliases CVE-2011-0720, GHSA-3v28-9jjp-4g5w, PYSEC-2011-13
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7zku-wweg-xua6
17
url VCID-9qpy-74mb-cfc6
vulnerability_id VCID-9qpy-74mb-cfc6
summary Plone XSS in User Fullname Property and File Upload
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3313
reference_id
reference_type
scores
0
value 0.00444
scoring_system epss
scoring_elements 0.63814
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3313
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-78.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-78.yaml
3
reference_url https://plone.org/download/releases/5.2.3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/download/releases/5.2.3
4
reference_url https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html
5
reference_url https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname
6
reference_url https://www.compass-security.com/fileadmin/Research/Advisories/2021-07_CSNC-2021-013_XSS_in_Plone_CMS.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.compass-security.com/fileadmin/Research/Advisories/2021-07_CSNC-2021-013_XSS_in_Plone_CMS.txt
7
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3313
reference_id CVE-2021-3313
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3313
9
reference_url https://github.com/advisories/GHSA-hprr-4vfq-fcxw
reference_id GHSA-hprr-4vfq-fcxw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hprr-4vfq-fcxw
fixed_packages
0
url pkg:pypi/plone@5.2.4
purl pkg:pypi/plone@5.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ym8-nhsc-j7hf
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7w2h-6rxu-xqcd
3
vulnerability VCID-br6e-6exv-ykg6
4
vulnerability VCID-hb8u-3ubs-x7hf
5
vulnerability VCID-hgwu-kg1s-ffcn
6
vulnerability VCID-mu4f-29hh-dbhp
7
vulnerability VCID-qmqy-eng1-3ka6
8
vulnerability VCID-z48y-dbfw-ubea
9
vulnerability VCID-znrm-edqa-nfbe
10
vulnerability VCID-zny3-fyqj-h7bm
11
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.4
aliases CVE-2021-3313, GHSA-hprr-4vfq-fcxw, PYSEC-2021-78
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qpy-74mb-cfc6
18
url VCID-9stt-rbrq-e3cv
vulnerability_id VCID-9stt-rbrq-e3cv
summary Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfix 20100612 allows remote attackers to inject arbitrary web script or HTML via the safe_html transform.
references
0
reference_url http://plone.org/products/plone/security/advisories/cve-2010-unassigned-html-injection-in-safe_html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/cve-2010-unassigned-html-injection-in-safe_html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2422.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2422.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-2422
reference_id
reference_type
scores
0
value 0.00392
scoring_system epss
scoring_elements 0.60595
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-2422
3
reference_url http://secunia.com/advisories/40270
reference_id
reference_type
scores
url http://secunia.com/advisories/40270
4
reference_url https://github.com/advisories/GHSA-qj7x-wm9q-qjx8
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-qj7x-wm9q-qjx8
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2010-19.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2010-19.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-2422
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-2422
8
reference_url https://web.archive.org/web/20100728161728/http://secunia.com/advisories/40270
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20100728161728/http://secunia.com/advisories/40270
9
reference_url https://web.archive.org/web/20200228223808/http://www.securityfocus.com/bid/40999
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228223808/http://www.securityfocus.com/bid/40999
10
reference_url http://www.securityfocus.com/bid/40999
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/40999
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=608098
reference_id 608098
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=608098
fixed_packages
0
url pkg:pypi/plone@3.3.5
purl pkg:pypi/plone@3.3.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-7zku-wweg-xua6
21
vulnerability VCID-9qpy-74mb-cfc6
22
vulnerability VCID-9stt-rbrq-e3cv
23
vulnerability VCID-afnm-51yp-4bhc
24
vulnerability VCID-asdu-my4z-4kct
25
vulnerability VCID-br6e-6exv-ykg6
26
vulnerability VCID-cfen-6xpt-rqa3
27
vulnerability VCID-d874-w13w-qkey
28
vulnerability VCID-dur5-cy82-1kex
29
vulnerability VCID-dwph-zncb-fkhv
30
vulnerability VCID-ezb4-3xtr-h3g6
31
vulnerability VCID-f3v1-j9pa-juck
32
vulnerability VCID-fpv9-t5ew-aqe2
33
vulnerability VCID-fxx5-msd8-1fh8
34
vulnerability VCID-fz81-dgb8-27gh
35
vulnerability VCID-hb8u-3ubs-x7hf
36
vulnerability VCID-hgwu-kg1s-ffcn
37
vulnerability VCID-jduh-f7z9-3qcc
38
vulnerability VCID-jp3d-8ja2-c3a6
39
vulnerability VCID-kcx4-zkp3-xucf
40
vulnerability VCID-kmz7-9j1z-6fdp
41
vulnerability VCID-m758-7mkw-g7ac
42
vulnerability VCID-m7pv-me1q-6kh7
43
vulnerability VCID-m98v-y63a-1yfr
44
vulnerability VCID-mqru-hkfz-xkan
45
vulnerability VCID-mu4f-29hh-dbhp
46
vulnerability VCID-n722-gtzf-gqgd
47
vulnerability VCID-nedk-vykq-xfda
48
vulnerability VCID-nkez-59zg-8fan
49
vulnerability VCID-nzjx-cckn-dfbc
50
vulnerability VCID-p3mr-uajx-k7gg
51
vulnerability VCID-pbhm-ufh6-cufd
52
vulnerability VCID-pv6u-hm6u-hbc1
53
vulnerability VCID-q5np-v195-tkbz
54
vulnerability VCID-qmqy-eng1-3ka6
55
vulnerability VCID-qww5-d5cg-jfb5
56
vulnerability VCID-rdn1-sepc-xbdm
57
vulnerability VCID-rmp2-rsv7-auds
58
vulnerability VCID-rqej-4883-q3ee
59
vulnerability VCID-rsqs-u4ct-gbar
60
vulnerability VCID-rx3j-xjyn-6qbj
61
vulnerability VCID-rxv3-yw68-a3cp
62
vulnerability VCID-su9w-erpw-mqc3
63
vulnerability VCID-t8kn-cm9s-yfgv
64
vulnerability VCID-tw7a-kck8-83dq
65
vulnerability VCID-utck-uem9-n7a6
66
vulnerability VCID-uty1-5bvq-ffda
67
vulnerability VCID-vym8-d8sa-bye2
68
vulnerability VCID-w7wr-p69p-13dw
69
vulnerability VCID-wxg7-n2p4-ayhw
70
vulnerability VCID-wxz6-ka2n-jbdz
71
vulnerability VCID-xpdr-51cb-yudn
72
vulnerability VCID-xsyw-pfvg-4qfm
73
vulnerability VCID-ys36-9r8f-63ab
74
vulnerability VCID-ys4v-vwrn-4fa7
75
vulnerability VCID-z48y-dbfw-ubea
76
vulnerability VCID-znrm-edqa-nfbe
77
vulnerability VCID-zny3-fyqj-h7bm
78
vulnerability VCID-zpcq-187m-p3hk
79
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@3.3.5
1
url pkg:pypi/plone@3.3.6
purl pkg:pypi/plone@3.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-7zku-wweg-xua6
21
vulnerability VCID-9qpy-74mb-cfc6
22
vulnerability VCID-afnm-51yp-4bhc
23
vulnerability VCID-asdu-my4z-4kct
24
vulnerability VCID-br6e-6exv-ykg6
25
vulnerability VCID-cfen-6xpt-rqa3
26
vulnerability VCID-d874-w13w-qkey
27
vulnerability VCID-dur5-cy82-1kex
28
vulnerability VCID-dwph-zncb-fkhv
29
vulnerability VCID-ezb4-3xtr-h3g6
30
vulnerability VCID-fpv9-t5ew-aqe2
31
vulnerability VCID-fxx5-msd8-1fh8
32
vulnerability VCID-fz81-dgb8-27gh
33
vulnerability VCID-hb8u-3ubs-x7hf
34
vulnerability VCID-hgwu-kg1s-ffcn
35
vulnerability VCID-jduh-f7z9-3qcc
36
vulnerability VCID-jp3d-8ja2-c3a6
37
vulnerability VCID-kcx4-zkp3-xucf
38
vulnerability VCID-kmz7-9j1z-6fdp
39
vulnerability VCID-m758-7mkw-g7ac
40
vulnerability VCID-m7pv-me1q-6kh7
41
vulnerability VCID-m98v-y63a-1yfr
42
vulnerability VCID-mqru-hkfz-xkan
43
vulnerability VCID-mu4f-29hh-dbhp
44
vulnerability VCID-n722-gtzf-gqgd
45
vulnerability VCID-nedk-vykq-xfda
46
vulnerability VCID-nkez-59zg-8fan
47
vulnerability VCID-nzjx-cckn-dfbc
48
vulnerability VCID-p3mr-uajx-k7gg
49
vulnerability VCID-pbhm-ufh6-cufd
50
vulnerability VCID-pv6u-hm6u-hbc1
51
vulnerability VCID-q5np-v195-tkbz
52
vulnerability VCID-qmqy-eng1-3ka6
53
vulnerability VCID-qww5-d5cg-jfb5
54
vulnerability VCID-rdn1-sepc-xbdm
55
vulnerability VCID-rmp2-rsv7-auds
56
vulnerability VCID-rqej-4883-q3ee
57
vulnerability VCID-rsqs-u4ct-gbar
58
vulnerability VCID-rx3j-xjyn-6qbj
59
vulnerability VCID-rxv3-yw68-a3cp
60
vulnerability VCID-su9w-erpw-mqc3
61
vulnerability VCID-t8kn-cm9s-yfgv
62
vulnerability VCID-tw7a-kck8-83dq
63
vulnerability VCID-utck-uem9-n7a6
64
vulnerability VCID-uty1-5bvq-ffda
65
vulnerability VCID-vym8-d8sa-bye2
66
vulnerability VCID-w7wr-p69p-13dw
67
vulnerability VCID-wxg7-n2p4-ayhw
68
vulnerability VCID-wxz6-ka2n-jbdz
69
vulnerability VCID-xpdr-51cb-yudn
70
vulnerability VCID-xsyw-pfvg-4qfm
71
vulnerability VCID-ys36-9r8f-63ab
72
vulnerability VCID-ys4v-vwrn-4fa7
73
vulnerability VCID-z48y-dbfw-ubea
74
vulnerability VCID-znrm-edqa-nfbe
75
vulnerability VCID-zny3-fyqj-h7bm
76
vulnerability VCID-zpcq-187m-p3hk
77
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@3.3.6
aliases CVE-2010-2422, GHSA-qj7x-wm9q-qjx8, PYSEC-2010-19
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9stt-rbrq-e3cv
19
url VCID-afnm-51yp-4bhc
vulnerability_id VCID-afnm-51yp-4bhc
summary zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4191
reference_id
reference_type
scores
0
value 0.00309
scoring_system epss
scoring_elements 0.54518
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4191
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978453
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978453
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-grwx-4p5v-9g2g
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-grwx-4p5v-9g2g
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-55.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-55.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4191
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4191
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4191, GHSA-grwx-4p5v-9g2g, PYSEC-2014-55
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-afnm-51yp-4bhc
20
url VCID-br6e-6exv-ykg6
vulnerability_id VCID-br6e-6exv-ykg6
summary Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33511
reference_id
reference_type
scores
0
value 0.00276
scoring_system epss
scoring_elements 0.5134
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33511
1
reference_url https://github.com/advisories/GHSA-gc9g-67cq-p7v4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gc9g-67cq-p7v4
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-83.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-83.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33511
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33511
5
reference_url https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-lxml-parser
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-lxml-parser
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb8u-3ubs-x7hf
1
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33511, GHSA-gc9g-67cq-p7v4, PYSEC-2021-83
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-br6e-6exv-ykg6
21
url VCID-cfen-6xpt-rqa3
vulnerability_id VCID-cfen-6xpt-rqa3
summary The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers to obtain sensitive information via a crafted URL, which reveals the installation path in an error message.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4194
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55373
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4194
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978470
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978470
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-mm32-jw73-9227
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-mm32-jw73-9227
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-58.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-58.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4194
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4194
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4194, GHSA-mm32-jw73-9227, PYSEC-2014-58
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cfen-6xpt-rqa3
22
url VCID-d874-w13w-qkey
vulnerability_id VCID-d874-w13w-qkey
summary Plone XSS Vulnerability
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-29002
reference_id
reference_type
scores
0
value 0.0031
scoring_system epss
scoring_elements 0.54553
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-29002
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/issues/3255
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/3255
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-889.yaml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-889.yaml
4
reference_url https://www.exploit-db.com/exploits/49668
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/49668
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-29002
reference_id CVE-2021-29002
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-29002
6
reference_url https://github.com/advisories/GHSA-38g6-x6jv-jwff
reference_id GHSA-38g6-x6jv-jwff
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-38g6-x6jv-jwff
fixed_packages
0
url pkg:pypi/plone@5.2.4
purl pkg:pypi/plone@5.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ym8-nhsc-j7hf
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7w2h-6rxu-xqcd
3
vulnerability VCID-br6e-6exv-ykg6
4
vulnerability VCID-hb8u-3ubs-x7hf
5
vulnerability VCID-hgwu-kg1s-ffcn
6
vulnerability VCID-mu4f-29hh-dbhp
7
vulnerability VCID-qmqy-eng1-3ka6
8
vulnerability VCID-z48y-dbfw-ubea
9
vulnerability VCID-znrm-edqa-nfbe
10
vulnerability VCID-zny3-fyqj-h7bm
11
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.4
aliases CVE-2021-29002, GHSA-38g6-x6jv-jwff, PYSEC-2021-889
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d874-w13w-qkey
23
url VCID-dur5-cy82-1kex
vulnerability_id VCID-dur5-cy82-1kex
summary Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4195
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52297
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4195
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978471
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978471
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-j67j-8hrp-76xm
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-j67j-8hrp-76xm
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-59.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-59.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4195
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4195
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4195, GHSA-j67j-8hrp-76xm, PYSEC-2014-59
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dur5-cy82-1kex
24
url VCID-dwph-zncb-fkhv
vulnerability_id VCID-dwph-zncb-fkhv
summary sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4192
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.44468
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4192
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978464
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978464
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-f5h9-3hpf-9j8m
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-f5h9-3hpf-9j8m
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-56.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-56.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4192
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4192
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4192, GHSA-f5h9-3hpf-9j8m, PYSEC-2014-56
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dwph-zncb-fkhv
25
url VCID-ezb4-3xtr-h3g6
vulnerability_id VCID-ezb4-3xtr-h3g6
summary Plone Sandbox Escape
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5524.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5524.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5524
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.40073
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5524
2
reference_url https://github.com/plone/Products.CMFPlone/commit/a7d47692058e10ce89968e7ca4dacbdf44fcad4f
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/a7d47692058e10ce89968e7ca4dacbdf44fcad4f
3
reference_url https://github.com/plone/Products.CMFPlone/pull/1912
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/1912
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-81.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-81.yaml
5
reference_url https://plone.org/security/hotfix/20170117/sandbox-escape
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20170117/sandbox-escape
6
reference_url http://www.openwall.com/lists/oss-security/2017/01/18/6
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2017/01/18/6
7
reference_url http://www.securityfocus.com/bid/95679
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95679
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1436640
reference_id 1436640
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1436640
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5524
reference_id CVE-2017-5524
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-5524
10
reference_url https://github.com/advisories/GHSA-p5wr-vp8g-q5p4
reference_id GHSA-p5wr-vp8g-q5p4
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-p5wr-vp8g-q5p4
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-37gz-3kz2-pyh5
2
vulnerability VCID-4yk1-dgbv-rubx
3
vulnerability VCID-7h1m-1f34-5qcs
4
vulnerability VCID-7w2h-6rxu-xqcd
5
vulnerability VCID-8kb4-bxbj-4udw
6
vulnerability VCID-9qpy-74mb-cfc6
7
vulnerability VCID-br6e-6exv-ykg6
8
vulnerability VCID-d874-w13w-qkey
9
vulnerability VCID-hb8u-3ubs-x7hf
10
vulnerability VCID-hgwu-kg1s-ffcn
11
vulnerability VCID-kzvb-7yn4-qbb9
12
vulnerability VCID-mu4f-29hh-dbhp
13
vulnerability VCID-n722-gtzf-gqgd
14
vulnerability VCID-nzjx-cckn-dfbc
15
vulnerability VCID-qmqy-eng1-3ka6
16
vulnerability VCID-rmp2-rsv7-auds
17
vulnerability VCID-t8kn-cm9s-yfgv
18
vulnerability VCID-tkhq-78vd-aygx
19
vulnerability VCID-ub1u-ev6d-sugd
20
vulnerability VCID-utck-uem9-n7a6
21
vulnerability VCID-w7wr-p69p-13dw
22
vulnerability VCID-ys36-9r8f-63ab
23
vulnerability VCID-z48y-dbfw-ubea
24
vulnerability VCID-znrm-edqa-nfbe
25
vulnerability VCID-zny3-fyqj-h7bm
26
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-2ym8-nhsc-j7hf
2
vulnerability VCID-37gz-3kz2-pyh5
3
vulnerability VCID-4yk1-dgbv-rubx
4
vulnerability VCID-6e71-df37-yyf1
5
vulnerability VCID-7w2h-6rxu-xqcd
6
vulnerability VCID-8kb4-bxbj-4udw
7
vulnerability VCID-9qpy-74mb-cfc6
8
vulnerability VCID-br6e-6exv-ykg6
9
vulnerability VCID-d874-w13w-qkey
10
vulnerability VCID-hb8u-3ubs-x7hf
11
vulnerability VCID-hgwu-kg1s-ffcn
12
vulnerability VCID-kzvb-7yn4-qbb9
13
vulnerability VCID-m1gb-mydp-bbez
14
vulnerability VCID-mu4f-29hh-dbhp
15
vulnerability VCID-n722-gtzf-gqgd
16
vulnerability VCID-nzjx-cckn-dfbc
17
vulnerability VCID-qmqy-eng1-3ka6
18
vulnerability VCID-rmp2-rsv7-auds
19
vulnerability VCID-t8kn-cm9s-yfgv
20
vulnerability VCID-tkhq-78vd-aygx
21
vulnerability VCID-ub1u-ev6d-sugd
22
vulnerability VCID-utck-uem9-n7a6
23
vulnerability VCID-w7wr-p69p-13dw
24
vulnerability VCID-ys36-9r8f-63ab
25
vulnerability VCID-z48y-dbfw-ubea
26
vulnerability VCID-znrm-edqa-nfbe
27
vulnerability VCID-zny3-fyqj-h7bm
28
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
2
url pkg:pypi/plone@5.1b1
purl pkg:pypi/plone@5.1b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-2ym8-nhsc-j7hf
2
vulnerability VCID-37gz-3kz2-pyh5
3
vulnerability VCID-4yk1-dgbv-rubx
4
vulnerability VCID-7w2h-6rxu-xqcd
5
vulnerability VCID-8kb4-bxbj-4udw
6
vulnerability VCID-9qpy-74mb-cfc6
7
vulnerability VCID-br6e-6exv-ykg6
8
vulnerability VCID-d874-w13w-qkey
9
vulnerability VCID-hb8u-3ubs-x7hf
10
vulnerability VCID-hgwu-kg1s-ffcn
11
vulnerability VCID-kzvb-7yn4-qbb9
12
vulnerability VCID-m1gb-mydp-bbez
13
vulnerability VCID-mu4f-29hh-dbhp
14
vulnerability VCID-n722-gtzf-gqgd
15
vulnerability VCID-qmqy-eng1-3ka6
16
vulnerability VCID-t8kn-cm9s-yfgv
17
vulnerability VCID-tkhq-78vd-aygx
18
vulnerability VCID-ub1u-ev6d-sugd
19
vulnerability VCID-utck-uem9-n7a6
20
vulnerability VCID-w7wr-p69p-13dw
21
vulnerability VCID-ys36-9r8f-63ab
22
vulnerability VCID-z48y-dbfw-ubea
23
vulnerability VCID-znrm-edqa-nfbe
24
vulnerability VCID-zny3-fyqj-h7bm
25
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1b1
aliases CVE-2017-5524, GHSA-p5wr-vp8g-q5p4, PYSEC-2017-81
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezb4-3xtr-h3g6
26
url VCID-fpv9-t5ew-aqe2
vulnerability_id VCID-fpv9-t5ew-aqe2
summary Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5502.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5502.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5502
reference_id
reference_type
scores
0
value 0.00152
scoring_system epss
scoring_elements 0.3559
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5502
2
reference_url https://github.com/advisories/GHSA-hr59-35cr-qf43
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-hr59-35cr-qf43
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-44.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-44.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5502
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5502
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/18
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/18
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874643
reference_id 874643
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874643
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5502, GHSA-hr59-35cr-qf43, PYSEC-2014-44
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fpv9-t5ew-aqe2
27
url VCID-fxx5-msd8-1fh8
vulnerability_id VCID-fxx5-msd8-1fh8
summary Cross-site scripting (XSS) vulnerability in widget_traversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5504.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5504.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5504
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52297
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5504
2
reference_url https://github.com/advisories/GHSA-5whw-5cmm-9jw4
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-5whw-5cmm-9jw4
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-46.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-46.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5504
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5504
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/20
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/20
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874219
reference_id 874219
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874219
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5504, GHSA-5whw-5cmm-9jw4, PYSEC-2014-46
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fxx5-msd8-1fh8
28
url VCID-fz81-dgb8-27gh
vulnerability_id VCID-fz81-dgb8-27gh
summary registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5485.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5485.json
3
reference_url https://access.redhat.com/security/cve/CVE-2012-5485
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5485
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5485
reference_id
reference_type
scores
0
value 0.00599
scoring_system epss
scoring_elements 0.69916
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5485
5
reference_url https://github.com/advisories/GHSA-7hxc-mwx7-5hmc
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-7hxc-mwx7-5hmc
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-27.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-27.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5485
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5485
10
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
11
reference_url https://plone.org/products/plone/security/advisories/20121106/01
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/01
12
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878934
reference_id 878934
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=878934
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5485, GHSA-7hxc-mwx7-5hmc, PYSEC-2014-27
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fz81-dgb8-27gh
29
url VCID-hb8u-3ubs-x7hf
vulnerability_id VCID-hb8u-3ubs-x7hf
summary Cross-Frame Scripting vulnerability has been found on Plone CMS
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-0669
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15946
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-0669
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://www.incibe.es/en/incibe-cert/notices/aviso/cross-frame-scripting-xfs-plone-cms
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.incibe.es/en/incibe-cert/notices/aviso/cross-frame-scripting-xfs-plone-cms
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-0669
reference_id CVE-2024-0669
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-0669
4
reference_url https://github.com/advisories/GHSA-5xfx-55x4-j223
reference_id GHSA-5xfx-55x4-j223
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5xfx-55x4-j223
fixed_packages
0
url pkg:pypi/plone@6.0.6
purl pkg:pypi/plone@6.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@6.0.6
1
url pkg:pypi/plone@6.0.7
purl pkg:pypi/plone@6.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@6.0.7
aliases CVE-2024-0669, GHSA-5xfx-55x4-j223
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hb8u-3ubs-x7hf
30
url VCID-hgwu-kg1s-ffcn
vulnerability_id VCID-hgwu-kg1s-ffcn
summary Plone through 5.2.4 allows stored XSS attacks (by a Contributor) by uploading an SVG or HTML document.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33512
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.53951
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33512
1
reference_url https://github.com/advisories/GHSA-hm2h-f456-6j88
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hm2h-f456-6j88
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-84.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-84.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33512
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33512
4
reference_url https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html
5
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb8u-3ubs-x7hf
1
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33512, GHSA-hm2h-f456-6j88, PYSEC-2021-84
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgwu-kg1s-ffcn
31
url VCID-kmz7-9j1z-6fdp
vulnerability_id VCID-kmz7-9j1z-6fdp
summary member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4197
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.66339
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4197
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978478
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978478
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-jjvw-3h9j-p7jf
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-jjvw-3h9j-p7jf
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-61.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-61.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4197
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4197
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4197, GHSA-jjvw-3h9j-p7jf, PYSEC-2014-61
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kmz7-9j1z-6fdp
32
url VCID-m758-7mkw-g7ac
vulnerability_id VCID-m758-7mkw-g7ac
summary kupu_spellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service (ZServer thread lock) via a crafted URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5496.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5496.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5496
reference_id
reference_type
scores
0
value 0.00603
scoring_system epss
scoring_elements 0.70038
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5496
2
reference_url https://github.com/advisories/GHSA-gx6w-hcw3-5r37
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-gx6w-hcw3-5r37
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-38.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-38.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5496
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5496
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/12
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/12
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874685
reference_id 874685
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874685
fixed_packages
0
url pkg:pypi/plone@3.3.6
purl pkg:pypi/plone@3.3.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-7zku-wweg-xua6
21
vulnerability VCID-9qpy-74mb-cfc6
22
vulnerability VCID-afnm-51yp-4bhc
23
vulnerability VCID-asdu-my4z-4kct
24
vulnerability VCID-br6e-6exv-ykg6
25
vulnerability VCID-cfen-6xpt-rqa3
26
vulnerability VCID-d874-w13w-qkey
27
vulnerability VCID-dur5-cy82-1kex
28
vulnerability VCID-dwph-zncb-fkhv
29
vulnerability VCID-ezb4-3xtr-h3g6
30
vulnerability VCID-fpv9-t5ew-aqe2
31
vulnerability VCID-fxx5-msd8-1fh8
32
vulnerability VCID-fz81-dgb8-27gh
33
vulnerability VCID-hb8u-3ubs-x7hf
34
vulnerability VCID-hgwu-kg1s-ffcn
35
vulnerability VCID-jduh-f7z9-3qcc
36
vulnerability VCID-jp3d-8ja2-c3a6
37
vulnerability VCID-kcx4-zkp3-xucf
38
vulnerability VCID-kmz7-9j1z-6fdp
39
vulnerability VCID-m758-7mkw-g7ac
40
vulnerability VCID-m7pv-me1q-6kh7
41
vulnerability VCID-m98v-y63a-1yfr
42
vulnerability VCID-mqru-hkfz-xkan
43
vulnerability VCID-mu4f-29hh-dbhp
44
vulnerability VCID-n722-gtzf-gqgd
45
vulnerability VCID-nedk-vykq-xfda
46
vulnerability VCID-nkez-59zg-8fan
47
vulnerability VCID-nzjx-cckn-dfbc
48
vulnerability VCID-p3mr-uajx-k7gg
49
vulnerability VCID-pbhm-ufh6-cufd
50
vulnerability VCID-pv6u-hm6u-hbc1
51
vulnerability VCID-q5np-v195-tkbz
52
vulnerability VCID-qmqy-eng1-3ka6
53
vulnerability VCID-qww5-d5cg-jfb5
54
vulnerability VCID-rdn1-sepc-xbdm
55
vulnerability VCID-rmp2-rsv7-auds
56
vulnerability VCID-rqej-4883-q3ee
57
vulnerability VCID-rsqs-u4ct-gbar
58
vulnerability VCID-rx3j-xjyn-6qbj
59
vulnerability VCID-rxv3-yw68-a3cp
60
vulnerability VCID-su9w-erpw-mqc3
61
vulnerability VCID-t8kn-cm9s-yfgv
62
vulnerability VCID-tw7a-kck8-83dq
63
vulnerability VCID-utck-uem9-n7a6
64
vulnerability VCID-uty1-5bvq-ffda
65
vulnerability VCID-vym8-d8sa-bye2
66
vulnerability VCID-w7wr-p69p-13dw
67
vulnerability VCID-wxg7-n2p4-ayhw
68
vulnerability VCID-wxz6-ka2n-jbdz
69
vulnerability VCID-xpdr-51cb-yudn
70
vulnerability VCID-xsyw-pfvg-4qfm
71
vulnerability VCID-ys36-9r8f-63ab
72
vulnerability VCID-ys4v-vwrn-4fa7
73
vulnerability VCID-z48y-dbfw-ubea
74
vulnerability VCID-znrm-edqa-nfbe
75
vulnerability VCID-zny3-fyqj-h7bm
76
vulnerability VCID-zpcq-187m-p3hk
77
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@3.3.6
1
url pkg:pypi/plone@4.0
purl pkg:pypi/plone@4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-7zku-wweg-xua6
21
vulnerability VCID-8kb4-bxbj-4udw
22
vulnerability VCID-9qpy-74mb-cfc6
23
vulnerability VCID-afnm-51yp-4bhc
24
vulnerability VCID-bdam-dhg3-5kap
25
vulnerability VCID-br6e-6exv-ykg6
26
vulnerability VCID-cfen-6xpt-rqa3
27
vulnerability VCID-d874-w13w-qkey
28
vulnerability VCID-dur5-cy82-1kex
29
vulnerability VCID-dwph-zncb-fkhv
30
vulnerability VCID-ezb4-3xtr-h3g6
31
vulnerability VCID-fpv9-t5ew-aqe2
32
vulnerability VCID-fxx5-msd8-1fh8
33
vulnerability VCID-fz81-dgb8-27gh
34
vulnerability VCID-hb8u-3ubs-x7hf
35
vulnerability VCID-hgwu-kg1s-ffcn
36
vulnerability VCID-jduh-f7z9-3qcc
37
vulnerability VCID-jp3d-8ja2-c3a6
38
vulnerability VCID-kcx4-zkp3-xucf
39
vulnerability VCID-kmz7-9j1z-6fdp
40
vulnerability VCID-m7pv-me1q-6kh7
41
vulnerability VCID-m98v-y63a-1yfr
42
vulnerability VCID-mqru-hkfz-xkan
43
vulnerability VCID-mu4f-29hh-dbhp
44
vulnerability VCID-n722-gtzf-gqgd
45
vulnerability VCID-nedk-vykq-xfda
46
vulnerability VCID-nkez-59zg-8fan
47
vulnerability VCID-nr4g-tdxq-byhh
48
vulnerability VCID-nzjx-cckn-dfbc
49
vulnerability VCID-p3mr-uajx-k7gg
50
vulnerability VCID-pbhm-ufh6-cufd
51
vulnerability VCID-pv6u-hm6u-hbc1
52
vulnerability VCID-q5np-v195-tkbz
53
vulnerability VCID-qmqy-eng1-3ka6
54
vulnerability VCID-qww5-d5cg-jfb5
55
vulnerability VCID-rdn1-sepc-xbdm
56
vulnerability VCID-rmp2-rsv7-auds
57
vulnerability VCID-rqej-4883-q3ee
58
vulnerability VCID-rsqs-u4ct-gbar
59
vulnerability VCID-rx3j-xjyn-6qbj
60
vulnerability VCID-rxv3-yw68-a3cp
61
vulnerability VCID-su9w-erpw-mqc3
62
vulnerability VCID-t8kn-cm9s-yfgv
63
vulnerability VCID-tkhq-78vd-aygx
64
vulnerability VCID-tw7a-kck8-83dq
65
vulnerability VCID-utck-uem9-n7a6
66
vulnerability VCID-uty1-5bvq-ffda
67
vulnerability VCID-vym8-d8sa-bye2
68
vulnerability VCID-w7wr-p69p-13dw
69
vulnerability VCID-wxg7-n2p4-ayhw
70
vulnerability VCID-wxz6-ka2n-jbdz
71
vulnerability VCID-xpdr-51cb-yudn
72
vulnerability VCID-xsyw-pfvg-4qfm
73
vulnerability VCID-ys36-9r8f-63ab
74
vulnerability VCID-ys4v-vwrn-4fa7
75
vulnerability VCID-z48y-dbfw-ubea
76
vulnerability VCID-znrm-edqa-nfbe
77
vulnerability VCID-zny3-fyqj-h7bm
78
vulnerability VCID-zpcq-187m-p3hk
79
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0
aliases CVE-2012-5496, GHSA-gx6w-hcw3-5r37, PYSEC-2014-38
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m758-7mkw-g7ac
33
url VCID-m7pv-me1q-6kh7
vulnerability_id VCID-m7pv-me1q-6kh7
summary mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4198
reference_id
reference_type
scores
0
value 0.00305
scoring_system epss
scoring_elements 0.54183
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4198
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978480
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978480
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-qjxf-6pr8-j87v
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-qjxf-6pr8-j87v
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-62.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-62.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4198
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4198
9
reference_url https://pypi.org/project/Products.PloneHotfix20130618
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/Products.PloneHotfix20130618
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4198, GHSA-qjxf-6pr8-j87v, PYSEC-2014-62
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7pv-me1q-6kh7
34
url VCID-m98v-y63a-1yfr
vulnerability_id VCID-m98v-y63a-1yfr
summary at_download.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read arbitrary BLOBs (Files and Images) stored on custom content types via a crafted URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5501.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5501.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5501
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55373
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5501
2
reference_url https://github.com/advisories/GHSA-pvhv-qwc8-r2pg
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-pvhv-qwc8-r2pg
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-43.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-43.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5501
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5501
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/17
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874162
reference_id 874162
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874162
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5501, GHSA-pvhv-qwc8-r2pg, PYSEC-2014-43
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m98v-y63a-1yfr
35
url VCID-mqru-hkfz-xkan
vulnerability_id VCID-mqru-hkfz-xkan
summary membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5497.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5497.json
3
reference_url https://access.redhat.com/security/cve/CVE-2012-5497
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5497
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5497
reference_id
reference_type
scores
0
value 0.00435
scoring_system epss
scoring_elements 0.63313
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5497
5
reference_url https://github.com/advisories/GHSA-683w-84m7-p8pw
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-683w-84m7-p8pw
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
8
reference_url https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa
9
reference_url https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-39.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-39.yaml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5497
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5497
12
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
13
reference_url https://plone.org/products/plone/security/advisories/20121106/13
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/13
14
reference_url https://web.archive.org/web/20131103175056/https://plone.org/products/plone/security/advisories/20121106/13
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131103175056/https://plone.org/products/plone/security/advisories/20121106/13
15
reference_url https://web.archive.org/web/20131114082527/https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131114082527/https://plone.org/products/plone-hotfix/releases/20121106
16
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874681
reference_id 874681
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=874681
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5497, GHSA-683w-84m7-p8pw, PYSEC-2014-39
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mqru-hkfz-xkan
36
url VCID-mu4f-29hh-dbhp
vulnerability_id VCID-mu4f-29hh-dbhp
summary Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33509
reference_id
reference_type
scores
0
value 0.00846
scoring_system epss
scoring_elements 0.75265
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33509
1
reference_url https://github.com/advisories/GHSA-hm2p-fhwx-9285
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hm2p-fhwx-9285
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-81.yaml
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-81.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33509
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33509
5
reference_url https://plone.org/security/hotfix/20210518/writing-arbitrary-files-via-docutils-and-python-script
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/writing-arbitrary-files-via-docutils-and-python-script
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb8u-3ubs-x7hf
1
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33509, GHSA-hm2p-fhwx-9285, PYSEC-2021-81
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mu4f-29hh-dbhp
37
url VCID-n722-gtzf-gqgd
vulnerability_id VCID-n722-gtzf-gqgd
summary Plone Open Redirect
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000484.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000484.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000484
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41545
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000484
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/plone/Products.CMFPlone/issues/2232
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/2232
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-73.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-73.yaml
5
reference_url https://plone.org/security/hotfix/20171128/an-open-redirection-when-calling-a-specific-url
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20171128/an-open-redirection-when-calling-a-specific-url
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1532487
reference_id 1532487
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1532487
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000484
reference_id CVE-2017-1000484
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000484
8
reference_url https://github.com/advisories/GHSA-xvwv-6wvx-px9x
reference_id GHSA-xvwv-6wvx-px9x
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xvwv-6wvx-px9x
fixed_packages
0
url pkg:pypi/plone@4.3.16
purl pkg:pypi/plone@4.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7h1m-1f34-5qcs
3
vulnerability VCID-7w2h-6rxu-xqcd
4
vulnerability VCID-8kb4-bxbj-4udw
5
vulnerability VCID-9qpy-74mb-cfc6
6
vulnerability VCID-br6e-6exv-ykg6
7
vulnerability VCID-d874-w13w-qkey
8
vulnerability VCID-hb8u-3ubs-x7hf
9
vulnerability VCID-hgwu-kg1s-ffcn
10
vulnerability VCID-kzvb-7yn4-qbb9
11
vulnerability VCID-mu4f-29hh-dbhp
12
vulnerability VCID-n722-gtzf-gqgd
13
vulnerability VCID-nzjx-cckn-dfbc
14
vulnerability VCID-qmqy-eng1-3ka6
15
vulnerability VCID-rmp2-rsv7-auds
16
vulnerability VCID-t8kn-cm9s-yfgv
17
vulnerability VCID-tkhq-78vd-aygx
18
vulnerability VCID-ub1u-ev6d-sugd
19
vulnerability VCID-utck-uem9-n7a6
20
vulnerability VCID-z48y-dbfw-ubea
21
vulnerability VCID-znrm-edqa-nfbe
22
vulnerability VCID-zny3-fyqj-h7bm
23
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16
1
url pkg:pypi/plone@5.1.0
purl pkg:pypi/plone@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-2ym8-nhsc-j7hf
2
vulnerability VCID-4yk1-dgbv-rubx
3
vulnerability VCID-7w2h-6rxu-xqcd
4
vulnerability VCID-8kb4-bxbj-4udw
5
vulnerability VCID-9qpy-74mb-cfc6
6
vulnerability VCID-br6e-6exv-ykg6
7
vulnerability VCID-d874-w13w-qkey
8
vulnerability VCID-hb8u-3ubs-x7hf
9
vulnerability VCID-hgwu-kg1s-ffcn
10
vulnerability VCID-kzvb-7yn4-qbb9
11
vulnerability VCID-m1gb-mydp-bbez
12
vulnerability VCID-mu4f-29hh-dbhp
13
vulnerability VCID-qmqy-eng1-3ka6
14
vulnerability VCID-t8kn-cm9s-yfgv
15
vulnerability VCID-tkhq-78vd-aygx
16
vulnerability VCID-ub1u-ev6d-sugd
17
vulnerability VCID-utck-uem9-n7a6
18
vulnerability VCID-z48y-dbfw-ubea
19
vulnerability VCID-znrm-edqa-nfbe
20
vulnerability VCID-zny3-fyqj-h7bm
21
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0
aliases CVE-2017-1000484, GHSA-xvwv-6wvx-px9x, PYSEC-2018-73
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n722-gtzf-gqgd
38
url VCID-nedk-vykq-xfda
vulnerability_id VCID-nedk-vykq-xfda
summary Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4190
reference_id
reference_type
scores
0
value 0.00256
scoring_system epss
scoring_elements 0.49253
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4190
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978451
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978451
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-89rq-27xp-vgv7
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-89rq-27xp-vgv7
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-54.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-54.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4190
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4190
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4190, GHSA-89rq-27xp-vgv7, PYSEC-2014-54
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nedk-vykq-xfda
39
url VCID-p3mr-uajx-k7gg
vulnerability_id VCID-p3mr-uajx-k7gg
summary Plone and Zope2 vulnerable to unauthorized access to restricted attributes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5489.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5489.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5489
reference_id
reference_type
scores
0
value 0.00575
scoring_system epss
scoring_elements 0.69231
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5489
2
reference_url https://bugs.launchpad.net/zope2/+bug/1079238
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1079238
3
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-31.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-31.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-74.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-74.yaml
6
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
7
reference_url https://plone.org/products/plone/security/advisories/20121106/05
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/05
8
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878961
reference_id 878961
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=878961
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5489
reference_id CVE-2012-5489
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5489
11
reference_url https://github.com/advisories/GHSA-879r-7f3w-8jj3
reference_id GHSA-879r-7f3w-8jj3
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-879r-7f3w-8jj3
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5489, GHSA-879r-7f3w-8jj3, PYSEC-2014-31, PYSEC-2014-74
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p3mr-uajx-k7gg
40
url VCID-pbhm-ufh6-cufd
vulnerability_id VCID-pbhm-ufh6-cufd
summary HTTP header injection in Plone and Zope2
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5486.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5486.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5486
reference_id
reference_type
scores
0
value 0.00821
scoring_system epss
scoring_elements 0.74842
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5486
4
reference_url https://bugs.launchpad.net/zope2/+bug/930812
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/930812
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878939
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=878939
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-28.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-28.yaml
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-73.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-73.yaml
8
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
9
reference_url https://plone.org/products/plone/security/advisories/20121106/02
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/02
10
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
11
reference_url https://access.redhat.com/security/cve/CVE-2012-5486
reference_id CVE-2012-5486
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5486
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5486
reference_id CVE-2012-5486
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5486
13
reference_url https://github.com/advisories/GHSA-77hv-8796-8ccp
reference_id GHSA-77hv-8796-8ccp
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-77hv-8796-8ccp
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5486, GHSA-77hv-8796-8ccp, PYSEC-2014-28, PYSEC-2014-73
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbhm-ufh6-cufd
41
url VCID-pv6u-hm6u-hbc1
vulnerability_id VCID-pv6u-hm6u-hbc1
summary z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5491.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5491.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5491
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55373
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5491
2
reference_url https://github.com/advisories/GHSA-f8pg-wp5j-rjxx
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-f8pg-wp5j-rjxx
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-33.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-33.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5491
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5491
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/07
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/07
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874131
reference_id 874131
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874131
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5491, GHSA-f8pg-wp5j-rjxx, PYSEC-2014-33
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pv6u-hm6u-hbc1
42
url VCID-q5np-v195-tkbz
vulnerability_id VCID-q5np-v195-tkbz
summary Plone and Zope2 affected by Race Condition
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5507.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5507.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5507
reference_id
reference_type
scores
0
value 0.00276
scoring_system epss
scoring_elements 0.51372
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5507
2
reference_url https://bugs.launchpad.net/zope2/+bug/1071067
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1071067
3
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-49.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-49.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-75.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-75.yaml
6
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
7
reference_url https://plone.org/products/plone/security/advisories/20121106/23
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/23
8
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874110
reference_id 874110
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874110
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5507
reference_id CVE-2012-5507
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5507
11
reference_url https://github.com/advisories/GHSA-3qpr-7rmg-73v8
reference_id GHSA-3qpr-7rmg-73v8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3qpr-7rmg-73v8
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5507, GHSA-3qpr-7rmg-73v8, PYSEC-2014-49, PYSEC-2014-75
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q5np-v195-tkbz
43
url VCID-qmqy-eng1-3ka6
vulnerability_id VCID-qmqy-eng1-3ka6
summary Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33510
reference_id
reference_type
scores
0
value 0.0012
scoring_system epss
scoring_elements 0.30522
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33510
1
reference_url https://github.com/advisories/GHSA-4mg4-wvmx-5332
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-4mg4-wvmx-5332
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-82.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-82.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33510
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33510
5
reference_url https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-event-ical-url
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-event-ical-url
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb8u-3ubs-x7hf
1
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33510, GHSA-4mg4-wvmx-5332, PYSEC-2021-82
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmqy-eng1-3ka6
44
url VCID-rdn1-sepc-xbdm
vulnerability_id VCID-rdn1-sepc-xbdm
summary (1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed).
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4199
reference_id
reference_type
scores
0
value 0.0048
scoring_system epss
scoring_elements 0.65549
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4199
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978482
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978482
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-xfjq-9rxq-ph6m
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-xfjq-9rxq-ph6m
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-63.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-63.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4199
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4199
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4199, GHSA-xfjq-9rxq-ph6m, PYSEC-2014-63
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rdn1-sepc-xbdm
45
url VCID-rqej-4883-q3ee
vulnerability_id VCID-rqej-4883-q3ee
summary python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5488.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5488.json
3
reference_url https://access.redhat.com/security/cve/CVE-2012-5488
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5488
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5488
reference_id
reference_type
scores
0
value 0.0064
scoring_system epss
scoring_elements 0.7104
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5488
5
reference_url https://github.com/advisories/GHSA-cxw7-85xm-3xrc
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-cxw7-85xm-3xrc
6
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
7
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
8
reference_url https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa
9
reference_url https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-30.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-30.yaml
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5488
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5488
12
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
13
reference_url https://plone.org/products/plone/security/advisories/20121106/04
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/04
14
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878945
reference_id 878945
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=878945
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5488, GHSA-cxw7-85xm-3xrc, PYSEC-2014-30
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rqej-4883-q3ee
46
url VCID-rsqs-u4ct-gbar
vulnerability_id VCID-rsqs-u4ct-gbar
summary The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5487.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5487.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5487
reference_id
reference_type
scores
0
value 0.00656
scoring_system epss
scoring_elements 0.715
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5487
2
reference_url https://github.com/advisories/GHSA-9m4g-f42q-vrrh
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-9m4g-f42q-vrrh
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-29.yaml
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-29.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5487
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5487
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/03
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/03
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878941
reference_id 878941
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=878941
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5487, GHSA-9m4g-f42q-vrrh, PYSEC-2014-29
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsqs-u4ct-gbar
47
url VCID-rx3j-xjyn-6qbj
vulnerability_id VCID-rx3j-xjyn-6qbj
summary The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5500.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5500.json
3
reference_url https://access.redhat.com/security/cve/CVE-2012-5500
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5500
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5500
reference_id
reference_type
scores
0
value 0.00343
scoring_system epss
scoring_elements 0.57322
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5500
5
reference_url https://github.com/advisories/GHSA-2q75-f7cp-w86q
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-2q75-f7cp-w86q
6
reference_url https://github.com/plone/plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/plone
7
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-42.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-42.yaml
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5500
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5500
10
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
11
reference_url https://plone.org/products/plone/security/advisories/20121106/16
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/16
12
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874649
reference_id 874649
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=874649
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5500, GHSA-2q75-f7cp-w86q, PYSEC-2014-42
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rx3j-xjyn-6qbj
48
url VCID-rxv3-yw68-a3cp
vulnerability_id VCID-rxv3-yw68-a3cp
summary 
User information disclosure
A vulnerability allows unauthorized disclosure of registered user information.
references
0
reference_url https://plone.org/products/plone/security/advisories/20151208-announcement
reference_id
reference_type
scores
url https://plone.org/products/plone/security/advisories/20151208-announcement
fixed_packages
0
url pkg:pypi/plone@4.3.8
purl pkg:pypi/plone@4.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-177r-1ryk-pfbp
1
vulnerability VCID-1rvm-wt1t-kucb
2
vulnerability VCID-213v-yc9d-u7dx
3
vulnerability VCID-37gz-3kz2-pyh5
4
vulnerability VCID-4yk1-dgbv-rubx
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kzvb-7yn4-qbb9
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-rmp2-rsv7-auds
24
vulnerability VCID-t8kn-cm9s-yfgv
25
vulnerability VCID-tkhq-78vd-aygx
26
vulnerability VCID-ub1u-ev6d-sugd
27
vulnerability VCID-utck-uem9-n7a6
28
vulnerability VCID-w7wr-p69p-13dw
29
vulnerability VCID-xzvt-13fh-tubp
30
vulnerability VCID-ys36-9r8f-63ab
31
vulnerability VCID-z48y-dbfw-ubea
32
vulnerability VCID-znrm-edqa-nfbe
33
vulnerability VCID-zny3-fyqj-h7bm
34
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.8
1
url pkg:pypi/plone@5.0.1
purl pkg:pypi/plone@5.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-177r-1ryk-pfbp
1
vulnerability VCID-1rvm-wt1t-kucb
2
vulnerability VCID-213v-yc9d-u7dx
3
vulnerability VCID-2ym8-nhsc-j7hf
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-4yk1-dgbv-rubx
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-6e71-df37-yyf1
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jp3d-8ja2-c3a6
17
vulnerability VCID-kzvb-7yn4-qbb9
18
vulnerability VCID-m1gb-mydp-bbez
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-rmp2-rsv7-auds
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-ub1u-ev6d-sugd
29
vulnerability VCID-utck-uem9-n7a6
30
vulnerability VCID-w7wr-p69p-13dw
31
vulnerability VCID-xzvt-13fh-tubp
32
vulnerability VCID-ys36-9r8f-63ab
33
vulnerability VCID-z48y-dbfw-ubea
34
vulnerability VCID-znrm-edqa-nfbe
35
vulnerability VCID-zny3-fyqj-h7bm
36
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.1
aliases GMS-2015-51
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rxv3-yw68-a3cp
49
url VCID-su9w-erpw-mqc3
vulnerability_id VCID-su9w-erpw-mqc3
summary Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, and (3) traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4189
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.66339
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4189
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978450
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978450
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-pwpq-632g-h49g
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-pwpq-632g-h49g
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-53.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-53.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4189
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4189
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4189, GHSA-pwpq-632g-h49g, PYSEC-2014-53
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-su9w-erpw-mqc3
50
url VCID-t8kn-cm9s-yfgv
vulnerability_id VCID-t8kn-cm9s-yfgv
summary Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata (therefore, only available to the Manager role).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28736
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65733
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28736
1
reference_url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
2
reference_url https://github.com/advisories/GHSA-2c8c-84w2-j38j
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2c8c-84w2-j38j
3
reference_url https://github.com/plone/Products.CMFPlone/issues/3209
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/3209
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-248.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-248.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28736
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28736
6
reference_url https://www.misakikata.com/codes/plone/python-en.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.misakikata.com/codes/plone/python-en.html
fixed_packages
0
url pkg:pypi/plone@5.2.3
purl pkg:pypi/plone@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ym8-nhsc-j7hf
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7w2h-6rxu-xqcd
3
vulnerability VCID-9qpy-74mb-cfc6
4
vulnerability VCID-br6e-6exv-ykg6
5
vulnerability VCID-d874-w13w-qkey
6
vulnerability VCID-hb8u-3ubs-x7hf
7
vulnerability VCID-hgwu-kg1s-ffcn
8
vulnerability VCID-mu4f-29hh-dbhp
9
vulnerability VCID-qmqy-eng1-3ka6
10
vulnerability VCID-z48y-dbfw-ubea
11
vulnerability VCID-znrm-edqa-nfbe
12
vulnerability VCID-zny3-fyqj-h7bm
13
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3
aliases CVE-2020-28736, GHSA-2c8c-84w2-j38j, PYSEC-2020-248
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8kn-cm9s-yfgv
51
url VCID-tw7a-kck8-83dq
vulnerability_id VCID-tw7a-kck8-83dq
summary uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5492.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5492.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5492
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55373
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5492
2
reference_url https://github.com/advisories/GHSA-6w93-4c4p-xv2x
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-6w93-4c4p-xv2x
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-34.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-34.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5492
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5492
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/08
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/08
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874717
reference_id 874717
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874717
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5492, GHSA-6w93-4c4p-xv2x, PYSEC-2014-34
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tw7a-kck8-83dq
52
url VCID-utck-uem9-n7a6
vulnerability_id VCID-utck-uem9-n7a6
summary Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28735
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65733
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28735
1
reference_url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
2
reference_url https://github.com/advisories/GHSA-x7wf-5mjc-6x76
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-x7wf-5mjc-6x76
3
reference_url https://github.com/plone/Products.CMFPlone/issues/3209
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/3209
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-247.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-247.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28735
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28735
6
reference_url https://www.misakikata.com/codes/plone/python-en.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.misakikata.com/codes/plone/python-en.html
fixed_packages
0
url pkg:pypi/plone@5.2.3
purl pkg:pypi/plone@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2ym8-nhsc-j7hf
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7w2h-6rxu-xqcd
3
vulnerability VCID-9qpy-74mb-cfc6
4
vulnerability VCID-br6e-6exv-ykg6
5
vulnerability VCID-d874-w13w-qkey
6
vulnerability VCID-hb8u-3ubs-x7hf
7
vulnerability VCID-hgwu-kg1s-ffcn
8
vulnerability VCID-mu4f-29hh-dbhp
9
vulnerability VCID-qmqy-eng1-3ka6
10
vulnerability VCID-z48y-dbfw-ubea
11
vulnerability VCID-znrm-edqa-nfbe
12
vulnerability VCID-zny3-fyqj-h7bm
13
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3
aliases CVE-2020-28735, GHSA-x7wf-5mjc-6x76, PYSEC-2020-247
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utck-uem9-n7a6
53
url VCID-uty1-5bvq-ffda
vulnerability_id VCID-uty1-5bvq-ffda
summary The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4200
reference_id
reference_type
scores
0
value 0.05344
scoring_system epss
scoring_elements 0.90278
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4200
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200
4
reference_url https://github.com/advisories/GHSA-56p3-rrp4-2j82
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-56p3-rrp4-2j82
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-64.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-64.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4200
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4200
8
reference_url http://www.openwall.com/lists/oss-security/2013/08/01/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/08/01/2
9
reference_url http://www.securityfocus.com/archive/1/530787/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/530787/100/0/threaded
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38738.txt
reference_id CVE-2013-4200;OSVDB-95863
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38738.txt
11
reference_url https://www.securityfocus.com/bid/61964/info
reference_id CVE-2013-4200;OSVDB-95863
reference_type exploit
scores
url https://www.securityfocus.com/bid/61964/info
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4200, GHSA-56p3-rrp4-2j82, PYSEC-2014-64
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uty1-5bvq-ffda
54
url VCID-vym8-d8sa-bye2
vulnerability_id VCID-vym8-d8sa-bye2
summary Plone and plone.app.users allow remote authenticated users to modify the properties of arbitrary accounts
references
0
reference_url http://osvdb.org/72729
reference_id
reference_type
scores
url http://osvdb.org/72729
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1950.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1950.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1950
reference_id
reference_type
scores
0
value 0.00762
scoring_system epss
scoring_elements 0.73811
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1950
3
reference_url http://secunia.com/advisories/44775
reference_id
reference_type
scores
url http://secunia.com/advisories/44775
4
reference_url http://securityreason.com/securityalert/8269
reference_id
reference_type
scores
url http://securityreason.com/securityalert/8269
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/67695
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/67695
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-16.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-16.yaml
7
reference_url http://www.securityfocus.com/archive/1/518155/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/518155/100/0/threaded
8
reference_url http://www.securityfocus.com/bid/48005
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/48005
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=711496
reference_id 711496
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=711496
10
reference_url http://plone.org/products/plone/security/advisories/CVE-2011-1950
reference_id CVE-2011-1950
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/CVE-2011-1950
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-1950
reference_id CVE-2011-1950
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-1950
12
reference_url https://github.com/advisories/GHSA-2qx8-589j-gcpx
reference_id GHSA-2qx8-589j-gcpx
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2qx8-589j-gcpx
fixed_packages
0
url pkg:pypi/plone@4.0.6
purl pkg:pypi/plone@4.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1e1b-7fkz-rybz
4
vulnerability VCID-1j4m-pw7f-augk
5
vulnerability VCID-1rvm-wt1t-kucb
6
vulnerability VCID-213v-yc9d-u7dx
7
vulnerability VCID-21n8-a2su-nbbd
8
vulnerability VCID-2ped-pk9p-5be3
9
vulnerability VCID-37gz-3kz2-pyh5
10
vulnerability VCID-3kbx-xrnj-nyfu
11
vulnerability VCID-3rsq-dq49-uyfg
12
vulnerability VCID-3ufm-n2ku-8uax
13
vulnerability VCID-4qbd-mwc7-7kdw
14
vulnerability VCID-4r5c-efmk-8feu
15
vulnerability VCID-556h-c8hm-6qfc
16
vulnerability VCID-5qmx-515u-dbdq
17
vulnerability VCID-6xwh-jvge-fkf9
18
vulnerability VCID-7h1m-1f34-5qcs
19
vulnerability VCID-7w2h-6rxu-xqcd
20
vulnerability VCID-8kb4-bxbj-4udw
21
vulnerability VCID-9qpy-74mb-cfc6
22
vulnerability VCID-afnm-51yp-4bhc
23
vulnerability VCID-bdam-dhg3-5kap
24
vulnerability VCID-br6e-6exv-ykg6
25
vulnerability VCID-cfen-6xpt-rqa3
26
vulnerability VCID-d874-w13w-qkey
27
vulnerability VCID-dur5-cy82-1kex
28
vulnerability VCID-dwph-zncb-fkhv
29
vulnerability VCID-ezb4-3xtr-h3g6
30
vulnerability VCID-fpv9-t5ew-aqe2
31
vulnerability VCID-fxx5-msd8-1fh8
32
vulnerability VCID-fz81-dgb8-27gh
33
vulnerability VCID-hb8u-3ubs-x7hf
34
vulnerability VCID-hgwu-kg1s-ffcn
35
vulnerability VCID-jduh-f7z9-3qcc
36
vulnerability VCID-jp3d-8ja2-c3a6
37
vulnerability VCID-kcx4-zkp3-xucf
38
vulnerability VCID-kmz7-9j1z-6fdp
39
vulnerability VCID-m7pv-me1q-6kh7
40
vulnerability VCID-m98v-y63a-1yfr
41
vulnerability VCID-mqru-hkfz-xkan
42
vulnerability VCID-mu4f-29hh-dbhp
43
vulnerability VCID-n722-gtzf-gqgd
44
vulnerability VCID-nedk-vykq-xfda
45
vulnerability VCID-nkez-59zg-8fan
46
vulnerability VCID-nr4g-tdxq-byhh
47
vulnerability VCID-nzjx-cckn-dfbc
48
vulnerability VCID-p3mr-uajx-k7gg
49
vulnerability VCID-pbhm-ufh6-cufd
50
vulnerability VCID-pv6u-hm6u-hbc1
51
vulnerability VCID-q5np-v195-tkbz
52
vulnerability VCID-qmqy-eng1-3ka6
53
vulnerability VCID-qww5-d5cg-jfb5
54
vulnerability VCID-rdn1-sepc-xbdm
55
vulnerability VCID-rmp2-rsv7-auds
56
vulnerability VCID-rqej-4883-q3ee
57
vulnerability VCID-rsqs-u4ct-gbar
58
vulnerability VCID-rx3j-xjyn-6qbj
59
vulnerability VCID-rxv3-yw68-a3cp
60
vulnerability VCID-su9w-erpw-mqc3
61
vulnerability VCID-t8kn-cm9s-yfgv
62
vulnerability VCID-tkhq-78vd-aygx
63
vulnerability VCID-tw7a-kck8-83dq
64
vulnerability VCID-utck-uem9-n7a6
65
vulnerability VCID-uty1-5bvq-ffda
66
vulnerability VCID-vym8-d8sa-bye2
67
vulnerability VCID-w7wr-p69p-13dw
68
vulnerability VCID-wxg7-n2p4-ayhw
69
vulnerability VCID-wxz6-ka2n-jbdz
70
vulnerability VCID-xpdr-51cb-yudn
71
vulnerability VCID-xsyw-pfvg-4qfm
72
vulnerability VCID-ys36-9r8f-63ab
73
vulnerability VCID-ys4v-vwrn-4fa7
74
vulnerability VCID-z48y-dbfw-ubea
75
vulnerability VCID-znrm-edqa-nfbe
76
vulnerability VCID-zny3-fyqj-h7bm
77
vulnerability VCID-zpcq-187m-p3hk
78
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.6
1
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
aliases CVE-2011-1950, GHSA-2qx8-589j-gcpx, PYSEC-2011-16
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vym8-d8sa-bye2
55
url VCID-w7wr-p69p-13dw
vulnerability_id VCID-w7wr-p69p-13dw
summary Plone Unauthorized Access Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000483.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000483.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000483
reference_id
reference_type
scores
0
value 0.00294
scoring_system epss
scoring_elements 0.53121
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000483
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-72.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-72.yaml
4
reference_url https://plone.org/security/hotfix/20171128/sandbox-escape
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20171128/sandbox-escape
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1532484
reference_id 1532484
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1532484
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000483
reference_id CVE-2017-1000483
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000483
7
reference_url https://github.com/advisories/GHSA-qc57-h2f7-p4hx
reference_id GHSA-qc57-h2f7-p4hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qc57-h2f7-p4hx
fixed_packages
0
url pkg:pypi/plone@4.3.16
purl pkg:pypi/plone@4.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7h1m-1f34-5qcs
3
vulnerability VCID-7w2h-6rxu-xqcd
4
vulnerability VCID-8kb4-bxbj-4udw
5
vulnerability VCID-9qpy-74mb-cfc6
6
vulnerability VCID-br6e-6exv-ykg6
7
vulnerability VCID-d874-w13w-qkey
8
vulnerability VCID-hb8u-3ubs-x7hf
9
vulnerability VCID-hgwu-kg1s-ffcn
10
vulnerability VCID-kzvb-7yn4-qbb9
11
vulnerability VCID-mu4f-29hh-dbhp
12
vulnerability VCID-n722-gtzf-gqgd
13
vulnerability VCID-nzjx-cckn-dfbc
14
vulnerability VCID-qmqy-eng1-3ka6
15
vulnerability VCID-rmp2-rsv7-auds
16
vulnerability VCID-t8kn-cm9s-yfgv
17
vulnerability VCID-tkhq-78vd-aygx
18
vulnerability VCID-ub1u-ev6d-sugd
19
vulnerability VCID-utck-uem9-n7a6
20
vulnerability VCID-z48y-dbfw-ubea
21
vulnerability VCID-znrm-edqa-nfbe
22
vulnerability VCID-zny3-fyqj-h7bm
23
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16
1
url pkg:pypi/plone@5.1.0
purl pkg:pypi/plone@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-2ym8-nhsc-j7hf
2
vulnerability VCID-4yk1-dgbv-rubx
3
vulnerability VCID-7w2h-6rxu-xqcd
4
vulnerability VCID-8kb4-bxbj-4udw
5
vulnerability VCID-9qpy-74mb-cfc6
6
vulnerability VCID-br6e-6exv-ykg6
7
vulnerability VCID-d874-w13w-qkey
8
vulnerability VCID-hb8u-3ubs-x7hf
9
vulnerability VCID-hgwu-kg1s-ffcn
10
vulnerability VCID-kzvb-7yn4-qbb9
11
vulnerability VCID-m1gb-mydp-bbez
12
vulnerability VCID-mu4f-29hh-dbhp
13
vulnerability VCID-qmqy-eng1-3ka6
14
vulnerability VCID-t8kn-cm9s-yfgv
15
vulnerability VCID-tkhq-78vd-aygx
16
vulnerability VCID-ub1u-ev6d-sugd
17
vulnerability VCID-utck-uem9-n7a6
18
vulnerability VCID-z48y-dbfw-ubea
19
vulnerability VCID-znrm-edqa-nfbe
20
vulnerability VCID-zny3-fyqj-h7bm
21
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0
aliases CVE-2017-1000483, GHSA-qc57-h2f7-p4hx, PYSEC-2018-72
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w7wr-p69p-13dw
56
url VCID-wxg7-n2p4-ayhw
vulnerability_id VCID-wxg7-n2p4-ayhw
summary Plone and Zope2 do not reseed pseudo-random number generator
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6661.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6661.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6661
reference_id
reference_type
scores
0
value 0.00403
scoring_system epss
scoring_elements 0.61304
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6661
2
reference_url https://bugs.launchpad.net/zope2/+bug/1071067
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1071067
3
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-51.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-51.yaml
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-76.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-76.yaml
7
reference_url https://plone.org/products/plone-hotfix/releases/20121124
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121124
8
reference_url https://plone.org/products/plone/security/advisories/20121106/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/24
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874108
reference_id 874108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874108
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6661
reference_id CVE-2012-6661
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6661
12
reference_url https://github.com/advisories/GHSA-48vv-2pmq-9fvv
reference_id GHSA-48vv-2pmq-9fvv
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-48vv-2pmq-9fvv
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-6661, GHSA-48vv-2pmq-9fvv, PYSEC-2014-51, PYSEC-2014-76
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxg7-n2p4-ayhw
57
url VCID-wxz6-ka2n-jbdz
vulnerability_id VCID-wxz6-ka2n-jbdz
summary The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4196
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55373
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4196
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978475
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978475
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-qphh-5fv5-2mjj
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-qphh-5fv5-2mjj
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-60.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-60.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4196
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4196
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4196, GHSA-qphh-5fv5-2mjj, PYSEC-2014-60
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxz6-ka2n-jbdz
58
url VCID-xpdr-51cb-yudn
vulnerability_id VCID-xpdr-51cb-yudn
summary python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5506.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5506.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5506
reference_id
reference_type
scores
0
value 0.00603
scoring_system epss
scoring_elements 0.70038
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5506
2
reference_url https://github.com/advisories/GHSA-79hj-474h-v4xv
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-79hj-474h-v4xv
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-48.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-48.yaml
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5506
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5506
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/22
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874115
reference_id 874115
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874115
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5506, GHSA-79hj-474h-v4xv, PYSEC-2014-48
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpdr-51cb-yudn
59
url VCID-xsyw-pfvg-4qfm
vulnerability_id VCID-xsyw-pfvg-4qfm
summary The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6661 was assigned for the PRNG reseeding issue in Zope.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5508.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5508.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5508
reference_id
reference_type
scores
0
value 0.00357
scoring_system epss
scoring_elements 0.58361
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5508
2
reference_url https://bugs.launchpad.net/zope2/+bug/1071067
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1071067
3
reference_url https://github.com/advisories/GHSA-wprr-mc54-c62q
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-wprr-mc54-c62q
4
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
5
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-50.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-50.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5508
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5508
8
reference_url https://plone.org/products/plone-hotfix/releases/20121124
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121124
9
reference_url https://plone.org/products/plone/security/advisories/20121106/24
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/24
10
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874108
reference_id 874108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874108
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5508, GHSA-wprr-mc54-c62q, PYSEC-2014-50
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xsyw-pfvg-4qfm
60
url VCID-ys36-9r8f-63ab
vulnerability_id VCID-ys36-9r8f-63ab
summary When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login, you get redirected to the page you tried to view before. An attacker might try to abuse this by letting you click on a specially crafted link. You would login, and get redirected to the site of the attacker, letting you think that you are still on the original Plone site. Or some javascript of the attacker could be executed. Most of these types of attacks are already blocked by Plone, using the `isURLInPortal` check to make sure we only redirect to a page on the same Plone site. But a few more ways of tricking Plone into accepting a malicious link were discovered, and fixed with this hotfix.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000481.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000481.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000481
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41545
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000481
2
reference_url https://github.com/advisories/GHSA-8g72-gq68-6gqh
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-8g72-gq68-6gqh
3
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
4
reference_url https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
5
reference_url https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
6
reference_url https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
7
reference_url https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
8
reference_url https://github.com/plone/Products.CMFPlone/issues/2232
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/2232
9
reference_url https://github.com/plone/Products.CMFPlone/pull/2233
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2233
10
reference_url https://github.com/plone/Products.CMFPlone/pull/2234
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2234
11
reference_url https://github.com/plone/Products.CMFPlone/pull/2235
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2235
12
reference_url https://github.com/plone/Products.CMFPlone/pull/2236
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2236
13
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-70.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-70.yaml
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000481
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000481
15
reference_url https://plone.org/security/hotfix/20171128/open-redirection-on-login-form
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20171128/open-redirection-on-login-form
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1532489
reference_id 1532489
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1532489
fixed_packages
0
url pkg:pypi/plone@4.3.16
purl pkg:pypi/plone@4.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-4yk1-dgbv-rubx
2
vulnerability VCID-7h1m-1f34-5qcs
3
vulnerability VCID-7w2h-6rxu-xqcd
4
vulnerability VCID-8kb4-bxbj-4udw
5
vulnerability VCID-9qpy-74mb-cfc6
6
vulnerability VCID-br6e-6exv-ykg6
7
vulnerability VCID-d874-w13w-qkey
8
vulnerability VCID-hb8u-3ubs-x7hf
9
vulnerability VCID-hgwu-kg1s-ffcn
10
vulnerability VCID-kzvb-7yn4-qbb9
11
vulnerability VCID-mu4f-29hh-dbhp
12
vulnerability VCID-n722-gtzf-gqgd
13
vulnerability VCID-nzjx-cckn-dfbc
14
vulnerability VCID-qmqy-eng1-3ka6
15
vulnerability VCID-rmp2-rsv7-auds
16
vulnerability VCID-t8kn-cm9s-yfgv
17
vulnerability VCID-tkhq-78vd-aygx
18
vulnerability VCID-ub1u-ev6d-sugd
19
vulnerability VCID-utck-uem9-n7a6
20
vulnerability VCID-z48y-dbfw-ubea
21
vulnerability VCID-znrm-edqa-nfbe
22
vulnerability VCID-zny3-fyqj-h7bm
23
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16
1
url pkg:pypi/plone@5.1.0
purl pkg:pypi/plone@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-213v-yc9d-u7dx
1
vulnerability VCID-2ym8-nhsc-j7hf
2
vulnerability VCID-4yk1-dgbv-rubx
3
vulnerability VCID-7w2h-6rxu-xqcd
4
vulnerability VCID-8kb4-bxbj-4udw
5
vulnerability VCID-9qpy-74mb-cfc6
6
vulnerability VCID-br6e-6exv-ykg6
7
vulnerability VCID-d874-w13w-qkey
8
vulnerability VCID-hb8u-3ubs-x7hf
9
vulnerability VCID-hgwu-kg1s-ffcn
10
vulnerability VCID-kzvb-7yn4-qbb9
11
vulnerability VCID-m1gb-mydp-bbez
12
vulnerability VCID-mu4f-29hh-dbhp
13
vulnerability VCID-qmqy-eng1-3ka6
14
vulnerability VCID-t8kn-cm9s-yfgv
15
vulnerability VCID-tkhq-78vd-aygx
16
vulnerability VCID-ub1u-ev6d-sugd
17
vulnerability VCID-utck-uem9-n7a6
18
vulnerability VCID-z48y-dbfw-ubea
19
vulnerability VCID-znrm-edqa-nfbe
20
vulnerability VCID-zny3-fyqj-h7bm
21
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0
aliases CVE-2017-1000481, GHSA-8g72-gq68-6gqh, PYSEC-2018-70
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ys36-9r8f-63ab
61
url VCID-ys4v-vwrn-4fa7
vulnerability_id VCID-ys4v-vwrn-4fa7
summary Plone allows remote attackers to read hidden folder contents
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5503.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5503.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5503
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55373
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5503
2
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
3
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-45.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-45.yaml
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/19
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/19
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874150
reference_id 874150
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=874150
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5503
reference_id CVE-2012-5503
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5503
10
reference_url https://github.com/advisories/GHSA-prr5-pfr8-q9f3
reference_id GHSA-prr5-pfr8-q9f3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-prr5-pfr8-q9f3
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1e1b-7fkz-rybz
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-37gz-3kz2-pyh5
6
vulnerability VCID-3kbx-xrnj-nyfu
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-afnm-51yp-4bhc
13
vulnerability VCID-br6e-6exv-ykg6
14
vulnerability VCID-cfen-6xpt-rqa3
15
vulnerability VCID-d874-w13w-qkey
16
vulnerability VCID-dur5-cy82-1kex
17
vulnerability VCID-dwph-zncb-fkhv
18
vulnerability VCID-ezb4-3xtr-h3g6
19
vulnerability VCID-hb8u-3ubs-x7hf
20
vulnerability VCID-hgwu-kg1s-ffcn
21
vulnerability VCID-jduh-f7z9-3qcc
22
vulnerability VCID-jp3d-8ja2-c3a6
23
vulnerability VCID-kcx4-zkp3-xucf
24
vulnerability VCID-kmz7-9j1z-6fdp
25
vulnerability VCID-m7pv-me1q-6kh7
26
vulnerability VCID-mu4f-29hh-dbhp
27
vulnerability VCID-n722-gtzf-gqgd
28
vulnerability VCID-nedk-vykq-xfda
29
vulnerability VCID-nkez-59zg-8fan
30
vulnerability VCID-nr4g-tdxq-byhh
31
vulnerability VCID-nzjx-cckn-dfbc
32
vulnerability VCID-qmqy-eng1-3ka6
33
vulnerability VCID-qww5-d5cg-jfb5
34
vulnerability VCID-rdn1-sepc-xbdm
35
vulnerability VCID-rmp2-rsv7-auds
36
vulnerability VCID-rxv3-yw68-a3cp
37
vulnerability VCID-su9w-erpw-mqc3
38
vulnerability VCID-t8kn-cm9s-yfgv
39
vulnerability VCID-tkhq-78vd-aygx
40
vulnerability VCID-utck-uem9-n7a6
41
vulnerability VCID-uty1-5bvq-ffda
42
vulnerability VCID-w7wr-p69p-13dw
43
vulnerability VCID-wxz6-ka2n-jbdz
44
vulnerability VCID-xzvt-13fh-tubp
45
vulnerability VCID-ys36-9r8f-63ab
46
vulnerability VCID-z48y-dbfw-ubea
47
vulnerability VCID-znrm-edqa-nfbe
48
vulnerability VCID-zny3-fyqj-h7bm
49
vulnerability VCID-zpcq-187m-p3hk
50
vulnerability VCID-zpsw-2yqh-dqb8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-5qmx-515u-dbdq
6
vulnerability VCID-7h1m-1f34-5qcs
7
vulnerability VCID-7w2h-6rxu-xqcd
8
vulnerability VCID-8kb4-bxbj-4udw
9
vulnerability VCID-9qpy-74mb-cfc6
10
vulnerability VCID-br6e-6exv-ykg6
11
vulnerability VCID-d874-w13w-qkey
12
vulnerability VCID-ezb4-3xtr-h3g6
13
vulnerability VCID-hb8u-3ubs-x7hf
14
vulnerability VCID-hgwu-kg1s-ffcn
15
vulnerability VCID-jp3d-8ja2-c3a6
16
vulnerability VCID-kcx4-zkp3-xucf
17
vulnerability VCID-mu4f-29hh-dbhp
18
vulnerability VCID-n722-gtzf-gqgd
19
vulnerability VCID-nkez-59zg-8fan
20
vulnerability VCID-nr4g-tdxq-byhh
21
vulnerability VCID-nzjx-cckn-dfbc
22
vulnerability VCID-qmqy-eng1-3ka6
23
vulnerability VCID-qww5-d5cg-jfb5
24
vulnerability VCID-rmp2-rsv7-auds
25
vulnerability VCID-rxv3-yw68-a3cp
26
vulnerability VCID-t8kn-cm9s-yfgv
27
vulnerability VCID-tkhq-78vd-aygx
28
vulnerability VCID-utck-uem9-n7a6
29
vulnerability VCID-w7wr-p69p-13dw
30
vulnerability VCID-xzvt-13fh-tubp
31
vulnerability VCID-ys36-9r8f-63ab
32
vulnerability VCID-z48y-dbfw-ubea
33
vulnerability VCID-znrm-edqa-nfbe
34
vulnerability VCID-zny3-fyqj-h7bm
35
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5503, GHSA-prr5-pfr8-q9f3, PYSEC-2014-45
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ys4v-vwrn-4fa7
62
url VCID-z48y-dbfw-ubea
vulnerability_id VCID-z48y-dbfw-ubea
summary Plone through 5.2.4 allows XSS via the inline_diff methods in Products.CMFDiffTool.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33513
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.53951
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33513
1
reference_url https://github.com/advisories/GHSA-fj67-w3m4-rfmp
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fj67-w3m4-rfmp
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-85.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-85.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33513
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33513
5
reference_url https://plone.org/security/hotfix/20210518/xss-vulnerability-in-cmfdifftool
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/xss-vulnerability-in-cmfdifftool
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb8u-3ubs-x7hf
1
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33513, GHSA-fj67-w3m4-rfmp, PYSEC-2021-85
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z48y-dbfw-ubea
63
url VCID-znrm-edqa-nfbe
vulnerability_id VCID-znrm-edqa-nfbe
summary Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-22889
reference_id
reference_type
scores
0
value 0.00554
scoring_system epss
scoring_elements 0.68536
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-22889
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-22889
reference_id CVE-2024-22889
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-22889
3
reference_url https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9
reference_id CVE-2024-22889-Plone-v6.0.9
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-07T16:30:42Z/
url https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9
4
reference_url https://github.com/advisories/GHSA-xg5p-8wg5-rhxm
reference_id GHSA-xg5p-8wg5-rhxm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-xg5p-8wg5-rhxm
fixed_packages
0
url pkg:pypi/plone@6.0.10
purl pkg:pypi/plone@6.0.10
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@6.0.10
aliases CVE-2024-22889, GHSA-xg5p-8wg5-rhxm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znrm-edqa-nfbe
64
url VCID-zny3-fyqj-h7bm
vulnerability_id VCID-zny3-fyqj-h7bm
summary Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33508
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50962
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33508
1
reference_url https://github.com/advisories/GHSA-rmpv-rcp6-v8wc
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rmpv-rcp6-v8wc
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-80.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-80.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33508
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33508
5
reference_url https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-hb8u-3ubs-x7hf
1
vulnerability VCID-znrm-edqa-nfbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33508, GHSA-rmpv-rcp6-v8wc, PYSEC-2021-80
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zny3-fyqj-h7bm
65
url VCID-zpcq-187m-p3hk
vulnerability_id VCID-zpcq-187m-p3hk
summary Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk from this vulnerability. The problem has been fixed in Zope 5.2 and 4.6. As a workaround, a site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32633
reference_id
reference_type
scores
0
value 0.00943
scoring_system epss
scoring_elements 0.76722
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32633
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32674
reference_id
reference_type
scores
0
value 0.00801
scoring_system epss
scoring_elements 0.74512
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32674
2
reference_url https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633
3
reference_url https://github.com/advisories/GHSA-5vq5-pg3r-9ph3
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5vq5-pg3r-9ph3
4
reference_url https://github.com/advisories/GHSA-962m-m8jw-8wrr
reference_id
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-962m-m8jw-8wrr
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2021-104.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2021-104.yaml
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2021-88.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2021-88.yaml
7
reference_url https://github.com/zopefoundation/Zope
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope
8
reference_url https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21
9
reference_url https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91
10
reference_url https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
4
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
5
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36
11
reference_url https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32633
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32633
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-32674
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-32674
14
reference_url https://pypi.org/project/Zope
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/Zope
15
reference_url https://pypi.org/project/Zope/
reference_id
reference_type
scores
url https://pypi.org/project/Zope/
16
reference_url http://www.openwall.com/lists/oss-security/2021/05/21/1
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/21/1
17
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 7.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
18
reference_url https://github.com/advisories/GHSA-5pr9-v234-jw36
reference_id GHSA-5pr9-v234-jw36
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5pr9-v234-jw36
19
reference_url https://github.com/advisories/GHSA-rpcg-f9q6-2mq6
reference_id GHSA-rpcg-f9q6-2mq6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rpcg-f9q6-2mq6
fixed_packages
0
url pkg:pypi/plone@5.0a1
purl pkg:pypi/plone@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-213v-yc9d-u7dx
3
vulnerability VCID-37gz-3kz2-pyh5
4
vulnerability VCID-3kbx-xrnj-nyfu
5
vulnerability VCID-4yk1-dgbv-rubx
6
vulnerability VCID-7w2h-6rxu-xqcd
7
vulnerability VCID-8kb4-bxbj-4udw
8
vulnerability VCID-9qpy-74mb-cfc6
9
vulnerability VCID-br6e-6exv-ykg6
10
vulnerability VCID-d874-w13w-qkey
11
vulnerability VCID-ezb4-3xtr-h3g6
12
vulnerability VCID-hb8u-3ubs-x7hf
13
vulnerability VCID-hgwu-kg1s-ffcn
14
vulnerability VCID-kzvb-7yn4-qbb9
15
vulnerability VCID-mu4f-29hh-dbhp
16
vulnerability VCID-n722-gtzf-gqgd
17
vulnerability VCID-nzjx-cckn-dfbc
18
vulnerability VCID-qmqy-eng1-3ka6
19
vulnerability VCID-rmp2-rsv7-auds
20
vulnerability VCID-rxv3-yw68-a3cp
21
vulnerability VCID-t8kn-cm9s-yfgv
22
vulnerability VCID-tkhq-78vd-aygx
23
vulnerability VCID-ub1u-ev6d-sugd
24
vulnerability VCID-utck-uem9-n7a6
25
vulnerability VCID-z48y-dbfw-ubea
26
vulnerability VCID-znrm-edqa-nfbe
27
vulnerability VCID-zny3-fyqj-h7bm
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0a1
aliases CVE-2021-32633, CVE-2021-32674, GHSA-5pr9-v234-jw36, GHSA-5vq5-pg3r-9ph3, GHSA-962m-m8jw-8wrr, GHSA-rpcg-f9q6-2mq6, PYSEC-2021-104, PYSEC-2021-88
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zpcq-187m-p3hk
66
url VCID-zpsw-2yqh-dqb8
vulnerability_id VCID-zpsw-2yqh-dqb8
summary typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4193
reference_id
reference_type
scores
0
value 0.00309
scoring_system epss
scoring_elements 0.54518
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4193
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978469
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978469
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/advisories/GHSA-6fgf-x7wg-hp8r
reference_id
reference_type
scores
url https://github.com/advisories/GHSA-6fgf-x7wg-hp8r
6
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-57.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-57.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4193
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4193
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-17pb-bgga-8ygp
3
vulnerability VCID-1rvm-wt1t-kucb
4
vulnerability VCID-213v-yc9d-u7dx
5
vulnerability VCID-2ped-pk9p-5be3
6
vulnerability VCID-37gz-3kz2-pyh5
7
vulnerability VCID-3kbx-xrnj-nyfu
8
vulnerability VCID-3rsq-dq49-uyfg
9
vulnerability VCID-3ufm-n2ku-8uax
10
vulnerability VCID-4qbd-mwc7-7kdw
11
vulnerability VCID-4r5c-efmk-8feu
12
vulnerability VCID-556h-c8hm-6qfc
13
vulnerability VCID-5qmx-515u-dbdq
14
vulnerability VCID-6xwh-jvge-fkf9
15
vulnerability VCID-7h1m-1f34-5qcs
16
vulnerability VCID-7w2h-6rxu-xqcd
17
vulnerability VCID-8kb4-bxbj-4udw
18
vulnerability VCID-9qpy-74mb-cfc6
19
vulnerability VCID-br6e-6exv-ykg6
20
vulnerability VCID-d874-w13w-qkey
21
vulnerability VCID-ezb4-3xtr-h3g6
22
vulnerability VCID-fpv9-t5ew-aqe2
23
vulnerability VCID-fxx5-msd8-1fh8
24
vulnerability VCID-fz81-dgb8-27gh
25
vulnerability VCID-hb8u-3ubs-x7hf
26
vulnerability VCID-hgwu-kg1s-ffcn
27
vulnerability VCID-jduh-f7z9-3qcc
28
vulnerability VCID-jp3d-8ja2-c3a6
29
vulnerability VCID-kcx4-zkp3-xucf
30
vulnerability VCID-m98v-y63a-1yfr
31
vulnerability VCID-mqru-hkfz-xkan
32
vulnerability VCID-mu4f-29hh-dbhp
33
vulnerability VCID-n722-gtzf-gqgd
34
vulnerability VCID-nkez-59zg-8fan
35
vulnerability VCID-nr4g-tdxq-byhh
36
vulnerability VCID-nzjx-cckn-dfbc
37
vulnerability VCID-p3mr-uajx-k7gg
38
vulnerability VCID-pbhm-ufh6-cufd
39
vulnerability VCID-pv6u-hm6u-hbc1
40
vulnerability VCID-q5np-v195-tkbz
41
vulnerability VCID-qmqy-eng1-3ka6
42
vulnerability VCID-qww5-d5cg-jfb5
43
vulnerability VCID-rmp2-rsv7-auds
44
vulnerability VCID-rqej-4883-q3ee
45
vulnerability VCID-rsqs-u4ct-gbar
46
vulnerability VCID-rx3j-xjyn-6qbj
47
vulnerability VCID-rxv3-yw68-a3cp
48
vulnerability VCID-t8kn-cm9s-yfgv
49
vulnerability VCID-tkhq-78vd-aygx
50
vulnerability VCID-tw7a-kck8-83dq
51
vulnerability VCID-utck-uem9-n7a6
52
vulnerability VCID-w7wr-p69p-13dw
53
vulnerability VCID-wxg7-n2p4-ayhw
54
vulnerability VCID-xpdr-51cb-yudn
55
vulnerability VCID-xsyw-pfvg-4qfm
56
vulnerability VCID-ys36-9r8f-63ab
57
vulnerability VCID-ys4v-vwrn-4fa7
58
vulnerability VCID-z48y-dbfw-ubea
59
vulnerability VCID-znrm-edqa-nfbe
60
vulnerability VCID-zny3-fyqj-h7bm
61
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-5qmx-515u-dbdq
7
vulnerability VCID-7h1m-1f34-5qcs
8
vulnerability VCID-7w2h-6rxu-xqcd
9
vulnerability VCID-8kb4-bxbj-4udw
10
vulnerability VCID-9qpy-74mb-cfc6
11
vulnerability VCID-br6e-6exv-ykg6
12
vulnerability VCID-d874-w13w-qkey
13
vulnerability VCID-ezb4-3xtr-h3g6
14
vulnerability VCID-hb8u-3ubs-x7hf
15
vulnerability VCID-hgwu-kg1s-ffcn
16
vulnerability VCID-jduh-f7z9-3qcc
17
vulnerability VCID-jp3d-8ja2-c3a6
18
vulnerability VCID-kcx4-zkp3-xucf
19
vulnerability VCID-mu4f-29hh-dbhp
20
vulnerability VCID-n722-gtzf-gqgd
21
vulnerability VCID-nkez-59zg-8fan
22
vulnerability VCID-nr4g-tdxq-byhh
23
vulnerability VCID-nzjx-cckn-dfbc
24
vulnerability VCID-qmqy-eng1-3ka6
25
vulnerability VCID-qww5-d5cg-jfb5
26
vulnerability VCID-rmp2-rsv7-auds
27
vulnerability VCID-rxv3-yw68-a3cp
28
vulnerability VCID-t8kn-cm9s-yfgv
29
vulnerability VCID-tkhq-78vd-aygx
30
vulnerability VCID-utck-uem9-n7a6
31
vulnerability VCID-w7wr-p69p-13dw
32
vulnerability VCID-xzvt-13fh-tubp
33
vulnerability VCID-ys36-9r8f-63ab
34
vulnerability VCID-z48y-dbfw-ubea
35
vulnerability VCID-znrm-edqa-nfbe
36
vulnerability VCID-zny3-fyqj-h7bm
37
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14h5-hnhw-zuc2
1
vulnerability VCID-177r-1ryk-pfbp
2
vulnerability VCID-1rvm-wt1t-kucb
3
vulnerability VCID-213v-yc9d-u7dx
4
vulnerability VCID-37gz-3kz2-pyh5
5
vulnerability VCID-3kbx-xrnj-nyfu
6
vulnerability VCID-4yk1-dgbv-rubx
7
vulnerability VCID-5qmx-515u-dbdq
8
vulnerability VCID-7h1m-1f34-5qcs
9
vulnerability VCID-7w2h-6rxu-xqcd
10
vulnerability VCID-8kb4-bxbj-4udw
11
vulnerability VCID-9qpy-74mb-cfc6
12
vulnerability VCID-br6e-6exv-ykg6
13
vulnerability VCID-d874-w13w-qkey
14
vulnerability VCID-ezb4-3xtr-h3g6
15
vulnerability VCID-hb8u-3ubs-x7hf
16
vulnerability VCID-hgwu-kg1s-ffcn
17
vulnerability VCID-jduh-f7z9-3qcc
18
vulnerability VCID-jp3d-8ja2-c3a6
19
vulnerability VCID-kcx4-zkp3-xucf
20
vulnerability VCID-kzvb-7yn4-qbb9
21
vulnerability VCID-mu4f-29hh-dbhp
22
vulnerability VCID-n722-gtzf-gqgd
23
vulnerability VCID-nkez-59zg-8fan
24
vulnerability VCID-nr4g-tdxq-byhh
25
vulnerability VCID-nzjx-cckn-dfbc
26
vulnerability VCID-qmqy-eng1-3ka6
27
vulnerability VCID-qww5-d5cg-jfb5
28
vulnerability VCID-rmp2-rsv7-auds
29
vulnerability VCID-rxv3-yw68-a3cp
30
vulnerability VCID-t8kn-cm9s-yfgv
31
vulnerability VCID-tkhq-78vd-aygx
32
vulnerability VCID-ub1u-ev6d-sugd
33
vulnerability VCID-utck-uem9-n7a6
34
vulnerability VCID-w7wr-p69p-13dw
35
vulnerability VCID-xzvt-13fh-tubp
36
vulnerability VCID-ys36-9r8f-63ab
37
vulnerability VCID-z48y-dbfw-ubea
38
vulnerability VCID-znrm-edqa-nfbe
39
vulnerability VCID-zny3-fyqj-h7bm
40
vulnerability VCID-zpcq-187m-p3hk
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4193, GHSA-6fgf-x7wg-hp8r, PYSEC-2014-57
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zpsw-2yqh-dqb8
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/plone@3.2.3