{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","type":"pypi","namespace":"","name":"plone","version":"4.0a1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.0.11","latest_non_vulnerable_version":"6.0.10","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217597?format=json","vulnerability_id":"VCID-14h5-hnhw-zuc2","summary":"Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, 4.2.0 through 4.2.7, 4.3.0 through 4.3.6, and 5.0rc1 allows remote attackers to add a new member to a Plone site with registration enabled, without acknowledgment of site administrator.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7315.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7315.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7315","reference_id":"","reference_type":"","scores":[{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63421","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7315"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264791","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264791"},{"reference_url":"https://github.com/advisories/GHSA-984m-rj28-8c6x","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-984m-rj28-8c6x"},{"reference_url":"https://github.com/plone/Products.CMFPlone","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/1845b0a92312291811b68907bf2aa0fb448c4016","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/1845b0a92312291811b68907bf2aa0fb448c4016"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/9f0111f85cd14f3f067044b59b93e2856c99d542","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/9f0111f85cd14f3f067044b59b93e2856c99d542"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-52.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-52.yaml"},{"reference_url":"https://github.com/zopefoundation/Products.CMFCore/commit/e1d981bfa14b664317285f0f36498f4be4a23406","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/Products.CMFCore/commit/e1d981bfa14b664317285f0f36498f4be4a23406"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7315","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7315"},{"reference_url":"https://plone.org/security/20150910","reference_id":"","reference_type":"","scores":[],"url":"https://plone.org/security/20150910"},{"reference_url":"https://plone.org/security/20150910/anonymous-is-able-to-create-plone-members","reference_id":"","reference_type":"","scores":[],"url":"https://plone.org/security/20150910/anonymous-is-able-to-create-plone-members"},{"reference_url":"https://plone.org/security/hotfix/20150910/anonymous-is-able-to-create-plone-members","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20150910/anonymous-is-able-to-create-plone-members"},{"reference_url":"https://pypi.org/project/Products.PloneHotfix20150910","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/Products.PloneHotfix20150910"},{"reference_url":"https://pypi.python.org/pypi/Products.PloneHotfix20150910","reference_id":"","reference_type":"","scores":[],"url":"https://pypi.python.org/pypi/Products.PloneHotfix20150910"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/22/13","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2015/09/22/13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45288?format=json","purl":"pkg:pypi/plone@4.1a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1a1"},{"url":"http://public2.vulnerablecode.io/api/packages/46590?format=json","purl":"pkg:pypi/plone@4.2a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a1"},{"url":"http://public2.vulnerablecode.io/api/packages/13256?format=json","purl":"pkg:pypi/plone@4.3a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3a1"},{"url":"http://public2.vulnerablecode.io/api/packages/48480?format=json","purl":"pkg:pypi/plone@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/48636?format=json","purl":"pkg:pypi/plone@5.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0rc2"}],"aliases":["CVE-2015-7315","GHSA-984m-rj28-8c6x","PYSEC-2017-52"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-14h5-hnhw-zuc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217525?format=json","vulnerability_id":"VCID-177r-1ryk-pfbp","summary":"Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.","references":[{"reference_url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7140.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7140","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7140"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Oct/80","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Oct/80"},{"reference_url":"https://github.com/advisories/GHSA-chvw-gjxf-f8mc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-chvw-gjxf-f8mc"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-63.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-63.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7140","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7140"},{"reference_url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-zope2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-zope2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/5"},{"reference_url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373466","reference_id":"1373466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13148?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/13146?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7140","GHSA-chvw-gjxf-f8mc","PYSEC-2017-63"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-177r-1ryk-pfbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217445?format=json","vulnerability_id":"VCID-17pb-bgga-8ygp","summary":"queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1194","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1194"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5498.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5498.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-5498","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-5498"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5498","reference_id":"","reference_type":"","scores":[{"value":"0.01001","scoring_system":"epss","scoring_elements":"0.7743","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5498"},{"reference_url":"https://github.com/advisories/GHSA-97rj-p794-wq6m","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-97rj-p794-wq6m"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-40.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-40.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5498","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5498"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/14","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/14"},{"reference_url":"https://web.archive.org/web/20130528001715/https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20130528001715/https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://web.archive.org/web/20131103191705/https://plone.org/products/plone/security/advisories/20121106/14","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20131103191705/https://plone.org/products/plone/security/advisories/20121106/14"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/09/7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/09/7"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874665","reference_id":"874665","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874665"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5498","GHSA-97rj-p794-wq6m","PYSEC-2014-40"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-17pb-bgga-8ygp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217406?format=json","vulnerability_id":"VCID-1e1b-7fkz-rybz","summary":"traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers with administrator privileges to cause a denial of service (infinite loop and resource consumption) via unspecified vectors related to \"retrieving information for certain resources.\"","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4188","reference_id":"","reference_type":"","scores":[{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68875","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978449","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978449"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-w3pw-qxjj-6prr","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-w3pw-qxjj-6prr"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-52.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-52.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4188","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4188"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4188","GHSA-w3pw-qxjj-6prr","PYSEC-2014-52"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1e1b-7fkz-rybz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200967?format=json","vulnerability_id":"VCID-1j4m-pw7f-augk","summary":"Plone Cross-site Scripting vulnerability","references":[{"reference_url":"http://osvdb.org/72728","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/72728"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1949.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1949.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1949","reference_id":"","reference_type":"","scores":[{"value":"0.00375","scoring_system":"epss","scoring_elements":"0.59553","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1949"},{"reference_url":"http://secunia.com/advisories/44775","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44775"},{"reference_url":"http://secunia.com/advisories/44776","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44776"},{"reference_url":"http://securityreason.com/securityalert/8269","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/8269"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67694","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67694"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-15.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-15.yaml"},{"reference_url":"http://www.securityfocus.com/archive/1/518155/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/518155/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/48005","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/48005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=711495","reference_id":"711495","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=711495"},{"reference_url":"http://plone.org/products/plone/security/advisories/CVE-2011-1949","reference_id":"CVE-2011-1949","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/CVE-2011-1949"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1949","reference_id":"CVE-2011-1949","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1949"},{"reference_url":"https://github.com/advisories/GHSA-h6hq-c896-w882","reference_id":"GHSA-h6hq-c896-w882","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h6hq-c896-w882"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13291?format=json","purl":"pkg:pypi/plone@4.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"}],"aliases":["CVE-2011-1949","GHSA-h6hq-c896-w882","PYSEC-2011-15"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1j4m-pw7f-augk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217496?format=json","vulnerability_id":"VCID-1rvm-wt1t-kucb","summary":"Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the obj_ids:tokens parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7140.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7147","reference_id":"","reference_type":"","scores":[{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53638","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7147"},{"reference_url":"https://github.com/advisories/GHSA-84jm-cpc5-c7g7","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-84jm-cpc5-c7g7"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-64.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-64.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7147","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7147"},{"reference_url":"https://plone.org/security/hotfix/20170117","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20170117"},{"reference_url":"https://plone.org/security/hotfix/20170117/non-persistent-xss-in-zope2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20170117/non-persistent-xss-in-zope2"},{"reference_url":"https://web.archive.org/web/20170214002551/http://www.securityfocus.com/bid/96117","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20170214002551/http://www.securityfocus.com/bid/96117"},{"reference_url":"https://www.curesec.com/blog/article/blog/Plone-XSS-186.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.curesec.com/blog/article/blog/Plone-XSS-186.html"},{"reference_url":"http://www.curesec.com/blog/article/blog/Plone-XSS-186.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.curesec.com/blog/article/blog/Plone-XSS-186.html"},{"reference_url":"http://www.securityfocus.com/bid/96117","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96117"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13148?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/13146?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7147","GHSA-84jm-cpc5-c7g7","PYSEC-2017-64"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1rvm-wt1t-kucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218089?format=json","vulnerability_id":"VCID-213v-yc9d-u7dx","summary":"Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28734","reference_id":"","reference_type":"","scores":[{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65733","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28734"},{"reference_url":"https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt"},{"reference_url":"https://github.com/advisories/GHSA-wq6x-g685-w5f2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wq6x-g685-w5f2"},{"reference_url":"https://github.com/plone/Products.CMFPlone/issues/3209","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/issues/3209"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-246.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-246.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28734","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28734"},{"reference_url":"https://www.misakikata.com/codes/plone/python-en.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.misakikata.com/codes/plone/python-en.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23898?format=json","purl":"pkg:pypi/plone@5.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3"}],"aliases":["CVE-2020-28734","GHSA-wq6x-g685-w5f2","PYSEC-2020-246"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-213v-yc9d-u7dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200805?format=json","vulnerability_id":"VCID-21n8-a2su-nbbd","summary":"Cross-site scripting in Products.CMFPlone and Products.PasswordResetTool","references":[{"reference_url":"http://osvdb.org/72727","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/72727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0151","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2012:0151"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1948.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1948.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1948","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67628","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1948"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=711494","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=711494"},{"reference_url":"http://secunia.com/advisories/44775","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44775"},{"reference_url":"http://secunia.com/advisories/44776","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44776"},{"reference_url":"http://securityreason.com/securityalert/8269","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/8269"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67693","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67693"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-14.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-14.yaml"},{"reference_url":"http://www.securityfocus.com/archive/1/518155/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/518155/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/48005","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/48005"},{"reference_url":"http://plone.org/products/plone/security/advisories/CVE-2011-1948","reference_id":"CVE-2011-1948","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/CVE-2011-1948"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2011-1948","reference_id":"CVE-2011-1948","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2011-1948"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1948","reference_id":"CVE-2011-1948","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1948"},{"reference_url":"https://github.com/advisories/GHSA-p7h9-vf92-5fj5","reference_id":"GHSA-p7h9-vf92-5fj5","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p7h9-vf92-5fj5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"}],"aliases":["CVE-2011-1948","GHSA-p7h9-vf92-5fj5","PYSEC-2011-14"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-21n8-a2su-nbbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217453?format=json","vulnerability_id":"VCID-2ped-pk9p-5be3","summary":"gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5493.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5493.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5493","reference_id":"","reference_type":"","scores":[{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61748","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5493"},{"reference_url":"https://github.com/advisories/GHSA-25jh-5h5r-h33m","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-25jh-5h5r-h33m"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-35.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-35.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5493","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5493"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/09","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/09"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874704","reference_id":"874704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874704"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5493","GHSA-25jh-5h5r-h33m","PYSEC-2014-35"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ped-pk9p-5be3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217640?format=json","vulnerability_id":"VCID-37gz-3kz2-pyh5","summary":"A member of the Plone 2.5-5.1rc1 site could set javascript in the home_page property of his profile, and have this executed when a visitor click the home page link on the author page.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000482.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000482.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000482","reference_id":"","reference_type":"","scores":[{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52554","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000482"},{"reference_url":"https://github.com/advisories/GHSA-859j-668v-mrr6","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-859j-668v-mrr6"},{"reference_url":"https://github.com/plone/Products.CMFPlone","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373"},{"reference_url":"https://github.com/plone/Products.CMFPlone/issues/2232","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/issues/2232"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/2233","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/2233"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/2234","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/2234"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/2235","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/2235"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/2236","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/2236"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-71.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-71.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000482","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000482"},{"reference_url":"https://plone.org/security/hotfix/20171128/xss-using-the-home_page-member-property","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20171128/xss-using-the-home_page-member-property"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532485","reference_id":"1532485","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532485"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/14658?format=json","purl":"pkg:pypi/plone@4.3.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16"},{"url":"http://public2.vulnerablecode.io/api/packages/14660?format=json","purl":"pkg:pypi/plone@5.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0"}],"aliases":["CVE-2017-1000482","GHSA-859j-668v-mrr6","PYSEC-2018-71"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-37gz-3kz2-pyh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217454?format=json","vulnerability_id":"VCID-3rsq-dq49-uyfg","summary":"Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5490.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5490.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5490","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52297","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5490"},{"reference_url":"https://github.com/advisories/GHSA-q46g-v7r4-9vhr","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-q46g-v7r4-9vhr"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-32.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-32.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5490","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5490"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/06","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/06"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=878968","reference_id":"878968","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=878968"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5490","GHSA-q46g-v7r4-9vhr","PYSEC-2014-32"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3rsq-dq49-uyfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217442?format=json","vulnerability_id":"VCID-3ufm-n2ku-8uax","summary":"python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to \"go_back.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5495.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5495.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5495","reference_id":"","reference_type":"","scores":[{"value":"0.00638","scoring_system":"epss","scoring_elements":"0.70976","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5495"},{"reference_url":"https://github.com/advisories/GHSA-w6pw-5gh5-4952","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-w6pw-5gh5-4952"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-37.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-37.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5495","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5495"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/11","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874699","reference_id":"874699","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874699"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5495","GHSA-w6pw-5gh5-4952","PYSEC-2014-37"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ufm-n2ku-8uax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200803?format=json","vulnerability_id":"VCID-4qbd-mwc7-7kdw","summary":"Plone Denial of Service vulnerability","references":[{"reference_url":"http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4462.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4462.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4462","reference_id":"","reference_type":"","scores":[{"value":"0.00925","scoring_system":"epss","scoring_elements":"0.76478","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4462"},{"reference_url":"http://secunia.com/advisories/47406","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/47406"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72018","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72018"},{"reference_url":"https://github.com/plone/plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-22.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-22.yaml"},{"reference_url":"http://www.kb.cert.org/vuls/id/903934","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.kb.cert.org/vuls/id/903934"},{"reference_url":"http://www.nruns.com/_downloads/advisory28122011.pdf","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.nruns.com/_downloads/advisory28122011.pdf"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=781683","reference_id":"781683","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=781683"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4462","reference_id":"CVE-2011-4462","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-4462"},{"reference_url":"http://www.ocert.org/advisories/ocert-2011-003.html","reference_id":"CVE-2011-4885;OSVDB-78115","reference_type":"exploit","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.ocert.org/advisories/ocert-2011-003.html"},{"reference_url":"https://github.com/advisories/GHSA-pcwm-8jc3-qxvj","reference_id":"GHSA-pcwm-8jc3-qxvj","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pcwm-8jc3-qxvj"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13245?format=json","purl":"pkg:pypi/plone@4.1.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.4"}],"aliases":["CVE-2011-4462","GHSA-pcwm-8jc3-qxvj","PYSEC-2011-22"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qbd-mwc7-7kdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217441?format=json","vulnerability_id":"VCID-4r5c-efmk-8feu","summary":"python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1194","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1194"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5499.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5499.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-5499","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-5499"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5499","reference_id":"","reference_type":"","scores":[{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75932","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5499"},{"reference_url":"https://github.com/advisories/GHSA-wrf2-2rch-cmr9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wrf2-2rch-cmr9"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-41.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-41.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5499","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5499"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/15","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/15"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874657","reference_id":"874657","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5499","GHSA-wrf2-2rch-cmr9","PYSEC-2014-41"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4r5c-efmk-8feu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217451?format=json","vulnerability_id":"VCID-556h-c8hm-6qfc","summary":"atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5505.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5505.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5505","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5505"},{"reference_url":"https://github.com/advisories/GHSA-cq5g-924m-7fxh","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cq5g-924m-7fxh"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-47.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-47.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5505","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5505"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/21","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/21"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874214","reference_id":"874214","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874214"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5505","GHSA-cq5g-924m-7fxh","PYSEC-2014-47"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-556h-c8hm-6qfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217448?format=json","vulnerability_id":"VCID-6xwh-jvge-fkf9","summary":"Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to \"{u,}translate.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5494.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5494","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52297","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5494"},{"reference_url":"https://github.com/advisories/GHSA-3g6w-4m7x-97v6","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3g6w-4m7x-97v6"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-36.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-36.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5494","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5494"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/10","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874703","reference_id":"874703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874703"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5494","GHSA-3g6w-4m7x-97v6","PYSEC-2014-36"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xwh-jvge-fkf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217601?format=json","vulnerability_id":"VCID-7h1m-1f34-5qcs","summary":"Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.","references":[{"reference_url":"http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt"},{"reference_url":"http://packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7293","reference_id":"","reference_type":"","scores":[{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56486","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7293"},{"reference_url":"https://github.com/advisories/GHSA-p3qm-44cf-f8qx","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-p3qm-44cf-f8qx"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-51.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-51.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7293","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7293"},{"reference_url":"https://plone.org/security/hotfix/20151006","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20151006"},{"reference_url":"https://pypi.python.org/pypi/plone4.csrffixes","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.python.org/pypi/plone4.csrffixes"},{"reference_url":"https://www.exploit-db.com/exploits/38411","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/38411"},{"reference_url":"https://www.exploit-db.com/exploits/38411/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/38411/"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38411.txt","reference_id":"CVE-2015-7293;OSVDB-128533;OSVDB-128532","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38411.txt"},{"reference_url":"https://plone.org/products/plone/security/advisories/security-vulnerability-20151006-csrf","reference_id":"CVE-2015-7293;OSVDB-128533;OSVDB-128532","reference_type":"exploit","scores":[],"url":"https://plone.org/products/plone/security/advisories/security-vulnerability-20151006-csrf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48628?format=json","purl":"pkg:pypi/plone@5.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0a1"}],"aliases":["CVE-2015-7293","GHSA-p3qm-44cf-f8qx","PYSEC-2017-51"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7h1m-1f34-5qcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218160?format=json","vulnerability_id":"VCID-7w2h-6rxu-xqcd","summary":"Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33507","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52353","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33507"},{"reference_url":"https://github.com/advisories/GHSA-35rg-466w-77h3","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-35rg-466w-77h3"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-79.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-79.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33507","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33507"},{"reference_url":"https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64644?format=json","purl":"pkg:pypi/plone@5.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5"}],"aliases":["CVE-2021-33507","GHSA-35rg-466w-77h3","PYSEC-2021-79"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7w2h-6rxu-xqcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/216759?format=json","vulnerability_id":"VCID-7zku-wweg-xua6","summary":"Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.","references":[{"reference_url":"http://osvdb.org/70753","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://osvdb.org/70753"},{"reference_url":"http://plone.org/products/plone/security/advisories/cve-2011-0720","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/cve-2011-0720"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0720.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0720.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0720","reference_id":"","reference_type":"","scores":[{"value":"0.01407","scoring_system":"epss","scoring_elements":"0.809","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0720"},{"reference_url":"http://secunia.com/advisories/43146","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43146"},{"reference_url":"http://secunia.com/advisories/43914","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43914"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65099","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65099"},{"reference_url":"https://github.com/advisories/GHSA-3v28-9jjp-4g5w","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-3v28-9jjp-4g5w"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-13.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-13.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0720","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0720"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/CVE-2011-0720/logchecker.py","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/CVE-2011-0720/logchecker.py"},{"reference_url":"https://seclists.org/fulldisclosure/2011/Apr/293","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://seclists.org/fulldisclosure/2011/Apr/293"},{"reference_url":"https://web.archive.org/web/20110505051314/http://secunia.com/advisories/43914","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20110505051314/http://secunia.com/advisories/43914"},{"reference_url":"https://web.archive.org/web/20110826134658/http://secunia.com/advisories/43146","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20110826134658/http://secunia.com/advisories/43146"},{"reference_url":"https://web.archive.org/web/20200229153953/http://www.securityfocus.com/bid/46102","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200229153953/http://www.securityfocus.com/bid/46102"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0393.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2011-0393.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0394.html","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.redhat.com/support/errata/RHSA-2011-0394.html"},{"reference_url":"http://www.securityfocus.com/bid/46102","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/46102"},{"reference_url":"http://www.securitytracker.com/id?1025258","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1025258"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0796","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0796"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=676961","reference_id":"676961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=676961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0393","reference_id":"RHSA-2011:0393","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0393"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0394","reference_id":"RHSA-2011:0394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0394"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13290?format=json","purl":"pkg:pypi/plone@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/45283?format=json","purl":"pkg:pypi/plone@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.4"}],"aliases":["CVE-2011-0720","GHSA-3v28-9jjp-4g5w","PYSEC-2011-13"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7zku-wweg-xua6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210426?format=json","vulnerability_id":"VCID-9qpy-74mb-cfc6","summary":"Plone XSS in User Fullname Property and File Upload","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3313","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63814","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3313"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-78.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-78.yaml"},{"reference_url":"https://plone.org/download/releases/5.2.3","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/download/releases/5.2.3"},{"reference_url":"https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html"},{"reference_url":"https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname"},{"reference_url":"https://www.compass-security.com/fileadmin/Research/Advisories/2021-07_CSNC-2021-013_XSS_in_Plone_CMS.txt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.compass-security.com/fileadmin/Research/Advisories/2021-07_CSNC-2021-013_XSS_in_Plone_CMS.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3313","reference_id":"CVE-2021-3313","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3313"},{"reference_url":"https://github.com/advisories/GHSA-hprr-4vfq-fcxw","reference_id":"GHSA-hprr-4vfq-fcxw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hprr-4vfq-fcxw"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23391?format=json","purl":"pkg:pypi/plone@5.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.4"}],"aliases":["CVE-2021-3313","GHSA-hprr-4vfq-fcxw","PYSEC-2021-78"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qpy-74mb-cfc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217412?format=json","vulnerability_id":"VCID-afnm-51yp-4bhc","summary":"zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4191","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54518","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4191"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978453","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978453"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-grwx-4p5v-9g2g","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-grwx-4p5v-9g2g"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-55.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-55.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4191","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4191"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4191","GHSA-grwx-4p5v-9g2g","PYSEC-2014-55"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afnm-51yp-4bhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218156?format=json","vulnerability_id":"VCID-br6e-6exv-ykg6","summary":"Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33511","reference_id":"","reference_type":"","scores":[{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.5134","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33511"},{"reference_url":"https://github.com/advisories/GHSA-gc9g-67cq-p7v4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gc9g-67cq-p7v4"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-83.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-83.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33511","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33511"},{"reference_url":"https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-lxml-parser","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-lxml-parser"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64644?format=json","purl":"pkg:pypi/plone@5.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5"}],"aliases":["CVE-2021-33511","GHSA-gc9g-67cq-p7v4","PYSEC-2021-83"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-br6e-6exv-ykg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217408?format=json","vulnerability_id":"VCID-cfen-6xpt-rqa3","summary":"The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers to obtain sensitive information via a crafted URL, which reveals the installation path in an error message.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4194","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4194"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978470","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978470"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-mm32-jw73-9227","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-mm32-jw73-9227"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-58.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-58.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4194","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4194","GHSA-mm32-jw73-9227","PYSEC-2014-58"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cfen-6xpt-rqa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210631?format=json","vulnerability_id":"VCID-d874-w13w-qkey","summary":"Plone XSS Vulnerability","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29002","reference_id":"","reference_type":"","scores":[{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54553","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29002"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/issues/3255","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/issues/3255"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-889.yaml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-889.yaml"},{"reference_url":"https://www.exploit-db.com/exploits/49668","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/49668"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29002","reference_id":"CVE-2021-29002","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29002"},{"reference_url":"https://github.com/advisories/GHSA-38g6-x6jv-jwff","reference_id":"GHSA-38g6-x6jv-jwff","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-38g6-x6jv-jwff"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23391?format=json","purl":"pkg:pypi/plone@5.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.4"}],"aliases":["CVE-2021-29002","GHSA-38g6-x6jv-jwff","PYSEC-2021-889"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d874-w13w-qkey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217413?format=json","vulnerability_id":"VCID-dur5-cy82-1kex","summary":"Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4195","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52297","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4195"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978471","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978471"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-j67j-8hrp-76xm","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-j67j-8hrp-76xm"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-59.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-59.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4195","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4195"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4195","GHSA-j67j-8hrp-76xm","PYSEC-2014-59"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dur5-cy82-1kex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217409?format=json","vulnerability_id":"VCID-dwph-zncb-fkhv","summary":"sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4192","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44468","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978464","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978464"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-f5h9-3hpf-9j8m","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-f5h9-3hpf-9j8m"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-56.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-56.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4192","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4192"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4192","GHSA-f5h9-3hpf-9j8m","PYSEC-2014-56"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dwph-zncb-fkhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200674?format=json","vulnerability_id":"VCID-ezb4-3xtr-h3g6","summary":"Plone Sandbox Escape","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5524.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5524","reference_id":"","reference_type":"","scores":[{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.40073","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5524"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/a7d47692058e10ce89968e7ca4dacbdf44fcad4f","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/a7d47692058e10ce89968e7ca4dacbdf44fcad4f"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/1912","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/1912"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-81.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-81.yaml"},{"reference_url":"https://plone.org/security/hotfix/20170117/sandbox-escape","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20170117/sandbox-escape"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/01/18/6","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2017/01/18/6"},{"reference_url":"http://www.securityfocus.com/bid/95679","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/95679"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1436640","reference_id":"1436640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1436640"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5524","reference_id":"CVE-2017-5524","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5524"},{"reference_url":"https://github.com/advisories/GHSA-p5wr-vp8g-q5p4","reference_id":"GHSA-p5wr-vp8g-q5p4","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p5wr-vp8g-q5p4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13148?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/13146?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/13151?format=json","purl":"pkg:pypi/plone@5.1b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1b1"}],"aliases":["CVE-2017-5524","GHSA-p5wr-vp8g-q5p4","PYSEC-2017-81"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ezb4-3xtr-h3g6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217439?format=json","vulnerability_id":"VCID-fpv9-t5ew-aqe2","summary":"Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5502.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5502.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5502","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.3559","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5502"},{"reference_url":"https://github.com/advisories/GHSA-hr59-35cr-qf43","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hr59-35cr-qf43"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-44.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-44.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5502","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5502"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/18","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/18"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874643","reference_id":"874643","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5502","GHSA-hr59-35cr-qf43","PYSEC-2014-44"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fpv9-t5ew-aqe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217438?format=json","vulnerability_id":"VCID-fxx5-msd8-1fh8","summary":"Cross-site scripting (XSS) vulnerability in widget_traversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5504.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5504.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5504","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52297","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5504"},{"reference_url":"https://github.com/advisories/GHSA-5whw-5cmm-9jw4","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-5whw-5cmm-9jw4"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-46.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-46.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5504","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5504"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/20","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/20"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874219","reference_id":"874219","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874219"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5504","GHSA-5whw-5cmm-9jw4","PYSEC-2014-46"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fxx5-msd8-1fh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217444?format=json","vulnerability_id":"VCID-fz81-dgb8-27gh","summary":"registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1194","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1194"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5485.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5485.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-5485","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-5485"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5485","reference_id":"","reference_type":"","scores":[{"value":"0.00599","scoring_system":"epss","scoring_elements":"0.69916","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5485"},{"reference_url":"https://github.com/advisories/GHSA-7hxc-mwx7-5hmc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7hxc-mwx7-5hmc"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-27.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-27.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5485","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5485"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/01","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/01"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=878934","reference_id":"878934","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=878934"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5485","GHSA-7hxc-mwx7-5hmc","PYSEC-2014-27"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fz81-dgb8-27gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211637?format=json","vulnerability_id":"VCID-hb8u-3ubs-x7hf","summary":"Cross-Frame Scripting vulnerability has been found on Plone CMS","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0669","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15946","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0669"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://www.incibe.es/en/incibe-cert/notices/aviso/cross-frame-scripting-xfs-plone-cms","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/cross-frame-scripting-xfs-plone-cms"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-0669","reference_id":"CVE-2024-0669","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-0669"},{"reference_url":"https://github.com/advisories/GHSA-5xfx-55x4-j223","reference_id":"GHSA-5xfx-55x4-j223","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5xfx-55x4-j223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/685947?format=json","purl":"pkg:pypi/plone@6.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@6.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/28441?format=json","purl":"pkg:pypi/plone@6.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@6.0.7"}],"aliases":["CVE-2024-0669","GHSA-5xfx-55x4-j223"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hb8u-3ubs-x7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218158?format=json","vulnerability_id":"VCID-hgwu-kg1s-ffcn","summary":"Plone through 5.2.4 allows stored XSS attacks (by a Contributor) by uploading an SVG or HTML document.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33512","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53951","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33512"},{"reference_url":"https://github.com/advisories/GHSA-hm2h-f456-6j88","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hm2h-f456-6j88"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-84.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-84.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33512","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33512"},{"reference_url":"https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64644?format=json","purl":"pkg:pypi/plone@5.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5"}],"aliases":["CVE-2021-33512","GHSA-hm2h-f456-6j88","PYSEC-2021-84"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hgwu-kg1s-ffcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217421?format=json","vulnerability_id":"VCID-kcx4-zkp3-xucf","summary":"Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7060.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7060.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7060","reference_id":"","reference_type":"","scores":[{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.64267","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7060"},{"reference_url":"https://github.com/advisories/GHSA-rg52-j87w-pf83","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-rg52-j87w-pf83"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/b08a45bc12b1bd42411f1130a487a7a242349ea0/Products/CMFPlone/FactoryTool.py#L272-L274","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/b08a45bc12b1bd42411f1130a487a7a242349ea0/Products/CMFPlone/FactoryTool.py#L272-L274"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-65.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-65.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-67.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-67.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7060","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7060"},{"reference_url":"https://plone.org/security/20131210/path-leak","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/20131210/path-leak"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/12/10/15","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/12/10/15"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/12/12/3","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/12/12/3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1040378","reference_id":"1040378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1040378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46599?format=json","purl":"pkg:pypi/plone@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.3"}],"aliases":["CVE-2013-7060","GHSA-rg52-j87w-pf83","PYSEC-2014-65","PYSEC-2014-67"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kcx4-zkp3-xucf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217415?format=json","vulnerability_id":"VCID-kmz7-9j1z-6fdp","summary":"member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4197","reference_id":"","reference_type":"","scores":[{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66339","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4197"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978478","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978478"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-jjvw-3h9j-p7jf","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-jjvw-3h9j-p7jf"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-61.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-61.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4197","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"7.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4197"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4197","GHSA-jjvw-3h9j-p7jf","PYSEC-2014-61"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kmz7-9j1z-6fdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217447?format=json","vulnerability_id":"VCID-m758-7mkw-g7ac","summary":"kupu_spellcheck.py in Kupu in Plone before 4.0 allows remote attackers to cause a denial of service (ZServer thread lock) via a crafted URL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5496.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5496.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5496","reference_id":"","reference_type":"","scores":[{"value":"0.00603","scoring_system":"epss","scoring_elements":"0.70038","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5496"},{"reference_url":"https://github.com/advisories/GHSA-gx6w-hcw3-5r37","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gx6w-hcw3-5r37"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-38.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-38.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5496","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5496"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/12","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/12"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874685","reference_id":"874685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874685"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13147?format=json","purl":"pkg:pypi/plone@4.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0"}],"aliases":["CVE-2012-5496","GHSA-gx6w-hcw3-5r37","PYSEC-2014-38"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m758-7mkw-g7ac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217411?format=json","vulnerability_id":"VCID-m7pv-me1q-6kh7","summary":"mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4198","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.54183","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4198"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978480","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978480"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-qjxf-6pr8-j87v","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qjxf-6pr8-j87v"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-62.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-62.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4198","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4198"},{"reference_url":"https://pypi.org/project/Products.PloneHotfix20130618","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/Products.PloneHotfix20130618"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4198","GHSA-qjxf-6pr8-j87v","PYSEC-2014-62"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m7pv-me1q-6kh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217449?format=json","vulnerability_id":"VCID-m98v-y63a-1yfr","summary":"at_download.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read arbitrary BLOBs (Files and Images) stored on custom content types via a crafted URL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5501.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5501.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5501","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5501"},{"reference_url":"https://github.com/advisories/GHSA-pvhv-qwc8-r2pg","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pvhv-qwc8-r2pg"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-43.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-43.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5501","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5501"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/17","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/17"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874162","reference_id":"874162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874162"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5501","GHSA-pvhv-qwc8-r2pg","PYSEC-2014-43"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m98v-y63a-1yfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217450?format=json","vulnerability_id":"VCID-mqru-hkfz-xkan","summary":"membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1194","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1194"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5497.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5497.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-5497","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-5497"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5497","reference_id":"","reference_type":"","scores":[{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63313","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5497"},{"reference_url":"https://github.com/advisories/GHSA-683w-84m7-p8pw","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-683w-84m7-p8pw"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-39.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-39.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5497","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5497"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/13","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/13"},{"reference_url":"https://web.archive.org/web/20131103175056/https://plone.org/products/plone/security/advisories/20121106/13","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20131103175056/https://plone.org/products/plone/security/advisories/20121106/13"},{"reference_url":"https://web.archive.org/web/20131114082527/https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20131114082527/https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874681","reference_id":"874681","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874681"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5497","GHSA-683w-84m7-p8pw","PYSEC-2014-39"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqru-hkfz-xkan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218155?format=json","vulnerability_id":"VCID-mu4f-29hh-dbhp","summary":"Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33509","reference_id":"","reference_type":"","scores":[{"value":"0.00846","scoring_system":"epss","scoring_elements":"0.75265","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33509"},{"reference_url":"https://github.com/advisories/GHSA-hm2p-fhwx-9285","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hm2p-fhwx-9285"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-81.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-81.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33509","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33509"},{"reference_url":"https://plone.org/security/hotfix/20210518/writing-arbitrary-files-via-docutils-and-python-script","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/writing-arbitrary-files-via-docutils-and-python-script"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64644?format=json","purl":"pkg:pypi/plone@5.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5"}],"aliases":["CVE-2021-33509","GHSA-hm2p-fhwx-9285","PYSEC-2021-81"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mu4f-29hh-dbhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202775?format=json","vulnerability_id":"VCID-n722-gtzf-gqgd","summary":"Plone Open Redirect","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000484.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000484.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000484","reference_id":"","reference_type":"","scores":[{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41545","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000484"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/issues/2232","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/issues/2232"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-73.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-73.yaml"},{"reference_url":"https://plone.org/security/hotfix/20171128/an-open-redirection-when-calling-a-specific-url","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20171128/an-open-redirection-when-calling-a-specific-url"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532487","reference_id":"1532487","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532487"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000484","reference_id":"CVE-2017-1000484","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000484"},{"reference_url":"https://github.com/advisories/GHSA-xvwv-6wvx-px9x","reference_id":"GHSA-xvwv-6wvx-px9x","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xvwv-6wvx-px9x"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/14658?format=json","purl":"pkg:pypi/plone@4.3.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16"},{"url":"http://public2.vulnerablecode.io/api/packages/14660?format=json","purl":"pkg:pypi/plone@5.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0"}],"aliases":["CVE-2017-1000484","GHSA-xvwv-6wvx-px9x","PYSEC-2018-73"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n722-gtzf-gqgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217407?format=json","vulnerability_id":"VCID-nedk-vykq-xfda","summary":"Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4190","reference_id":"","reference_type":"","scores":[{"value":"0.00256","scoring_system":"epss","scoring_elements":"0.49253","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4190"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978451","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978451"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-89rq-27xp-vgv7","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-89rq-27xp-vgv7"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-54.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-54.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4190","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4190"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4190","GHSA-89rq-27xp-vgv7","PYSEC-2014-54"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nedk-vykq-xfda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217515?format=json","vulnerability_id":"VCID-nkez-59zg-8fan","summary":"Cross-site scripting (XSS) vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.","references":[{"reference_url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7139.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7139","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7139"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Oct/80","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Oct/80"},{"reference_url":"https://github.com/advisories/GHSA-pp4c-2692-7f37","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pp4c-2692-7f37"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-62.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-62.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7139","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7139"},{"reference_url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone"},{"reference_url":"https://web.archive.org/web/20201207134910/http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201207134910/http://www.securityfocus.com/bid/92752"},{"reference_url":"https://web.archive.org/web/20201207134911/http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201207134911/http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/5"},{"reference_url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/92752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373464","reference_id":"1373464","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373464"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13148?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/48491?format=json","purl":"pkg:pypi/plone@5.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/13146?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7139","GHSA-pp4c-2692-7f37","PYSEC-2017-62"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nkez-59zg-8fan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217512?format=json","vulnerability_id":"VCID-nzjx-cckn-dfbc","summary":"Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV requests, which allows remote attackers to gain webdav access via unspecified vectors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4041","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62909","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4041"},{"reference_url":"https://github.com/advisories/GHSA-qqgj-22gr-73vx","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qqgj-22gr-73vx"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-55.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-55.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4041","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4041"},{"reference_url":"https://plone.org/security/hotfix/20160419/privilege-escalation-in-webdav","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160419/privilege-escalation-in-webdav"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/04/20/1","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/04/20/1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48483?format=json","purl":"pkg:pypi/plone@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/48490?format=json","purl":"pkg:pypi/plone@5.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/13150?format=json","purl":"pkg:pypi/plone@5.1a2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1a2"}],"aliases":["CVE-2016-4041","GHSA-qqgj-22gr-73vx","PYSEC-2017-55"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nzjx-cckn-dfbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200864?format=json","vulnerability_id":"VCID-p3mr-uajx-k7gg","summary":"Plone and Zope2 vulnerable to unauthorized access to restricted attributes","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5489.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5489.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5489","reference_id":"","reference_type":"","scores":[{"value":"0.00575","scoring_system":"epss","scoring_elements":"0.69231","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5489"},{"reference_url":"https://bugs.launchpad.net/zope2/+bug/1079238","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/zope2/+bug/1079238"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-31.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-31.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-74.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-74.yaml"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/05","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/05"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=878961","reference_id":"878961","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=878961"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5489","reference_id":"CVE-2012-5489","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5489"},{"reference_url":"https://github.com/advisories/GHSA-879r-7f3w-8jj3","reference_id":"GHSA-879r-7f3w-8jj3","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-879r-7f3w-8jj3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5489","GHSA-879r-7f3w-8jj3","PYSEC-2014-31","PYSEC-2014-74"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p3mr-uajx-k7gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200851?format=json","vulnerability_id":"VCID-pbhm-ufh6-cufd","summary":"HTTP header injection in Plone and Zope2","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1194","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1194"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5486.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5486.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5486","reference_id":"","reference_type":"","scores":[{"value":"0.00821","scoring_system":"epss","scoring_elements":"0.74842","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5486"},{"reference_url":"https://bugs.launchpad.net/zope2/+bug/930812","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/zope2/+bug/930812"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=878939","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=878939"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-28.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-28.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-73.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-73.yaml"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/02","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/02"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-5486","reference_id":"CVE-2012-5486","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-5486"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5486","reference_id":"CVE-2012-5486","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5486"},{"reference_url":"https://github.com/advisories/GHSA-77hv-8796-8ccp","reference_id":"GHSA-77hv-8796-8ccp","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-77hv-8796-8ccp"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5486","GHSA-77hv-8796-8ccp","PYSEC-2014-28","PYSEC-2014-73"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbhm-ufh6-cufd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217443?format=json","vulnerability_id":"VCID-pv6u-hm6u-hbc1","summary":"z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5491.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5491.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5491","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5491"},{"reference_url":"https://github.com/advisories/GHSA-f8pg-wp5j-rjxx","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-f8pg-wp5j-rjxx"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-33.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-33.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5491","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5491"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/07","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/07"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874131","reference_id":"874131","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874131"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5491","GHSA-f8pg-wp5j-rjxx","PYSEC-2014-33"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pv6u-hm6u-hbc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200809?format=json","vulnerability_id":"VCID-q5np-v195-tkbz","summary":"Plone and Zope2 affected by Race Condition","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5507.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5507.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5507","reference_id":"","reference_type":"","scores":[{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51372","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5507"},{"reference_url":"https://bugs.launchpad.net/zope2/+bug/1071067","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/zope2/+bug/1071067"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-49.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-49.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-75.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-75.yaml"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/23","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/23"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874110","reference_id":"874110","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874110"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5507","reference_id":"CVE-2012-5507","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5507"},{"reference_url":"https://github.com/advisories/GHSA-3qpr-7rmg-73v8","reference_id":"GHSA-3qpr-7rmg-73v8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3qpr-7rmg-73v8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5507","GHSA-3qpr-7rmg-73v8","PYSEC-2014-49","PYSEC-2014-75"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5np-v195-tkbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218159?format=json","vulnerability_id":"VCID-qmqy-eng1-3ka6","summary":"Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33510","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30522","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33510"},{"reference_url":"https://github.com/advisories/GHSA-4mg4-wvmx-5332","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4mg4-wvmx-5332"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-82.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-82.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33510","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33510"},{"reference_url":"https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-event-ical-url","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-event-ical-url"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64644?format=json","purl":"pkg:pypi/plone@5.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5"}],"aliases":["CVE-2021-33510","GHSA-4mg4-wvmx-5332","PYSEC-2021-82"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmqy-eng1-3ka6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217420?format=json","vulnerability_id":"VCID-qww5-d5cg-jfb5","summary":"Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7061.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7061.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7061","reference_id":"","reference_type":"","scores":[{"value":"0.00259","scoring_system":"epss","scoring_elements":"0.49554","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7061"},{"reference_url":"https://github.com/advisories/GHSA-4vr8-r7qr-fpvq","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-4vr8-r7qr-fpvq"},{"reference_url":"https://github.com/plone/Products.CMFPlone","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/a6a3e50f759da7e7ca46e50777a35e51f4d8ed48","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/a6a3e50f759da7e7ca46e50777a35e51f4d8ed48"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-66.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-66.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-68.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-68.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7061","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7061"},{"reference_url":"https://plone.org/security/20131210/catalogue-exposure","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/20131210/catalogue-exposure"},{"reference_url":"https://pypi.org/project/Products.PloneHotfix20131210","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/Products.PloneHotfix20131210"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/12/10/15","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/12/10/15"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/12/12/3","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/12/12/3"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1040379","reference_id":"1040379","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1040379"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/46599?format=json","purl":"pkg:pypi/plone@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.3"}],"aliases":["CVE-2013-7061","GHSA-4vr8-r7qr-fpvq","PYSEC-2014-66","PYSEC-2014-68"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qww5-d5cg-jfb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217405?format=json","vulnerability_id":"VCID-rdn1-sepc-xbdm","summary":"(1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed).","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4199","reference_id":"","reference_type":"","scores":[{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65549","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4199"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978482","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978482"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-xfjq-9rxq-ph6m","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-xfjq-9rxq-ph6m"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-63.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-63.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4199","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"2.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4199"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4199","GHSA-xfjq-9rxq-ph6m","PYSEC-2014-63"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rdn1-sepc-xbdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217513?format=json","vulnerability_id":"VCID-rmp2-rsv7-auds","summary":"Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4042","reference_id":"","reference_type":"","scores":[{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.46003","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4042"},{"reference_url":"https://github.com/advisories/GHSA-v4vj-49m5-wjhw","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v4vj-49m5-wjhw"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-56.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-56.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4042","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4042"},{"reference_url":"https://plone.org/security/hotfix/20160419/unauthorized-disclosure-of-site-content","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160419/unauthorized-disclosure-of-site-content"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/04/20/2","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/04/20/2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48483?format=json","purl":"pkg:pypi/plone@4.3.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.10"},{"url":"http://public2.vulnerablecode.io/api/packages/48490?format=json","purl":"pkg:pypi/plone@5.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/13150?format=json","purl":"pkg:pypi/plone@5.1a2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1a2"}],"aliases":["CVE-2016-4042","GHSA-v4vj-49m5-wjhw","PYSEC-2017-56"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rmp2-rsv7-auds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217455?format=json","vulnerability_id":"VCID-rqej-4883-q3ee","summary":"python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1194","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1194"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5488.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5488.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-5488","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-5488"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5488","reference_id":"","reference_type":"","scores":[{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.7104","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5488"},{"reference_url":"https://github.com/advisories/GHSA-cxw7-85xm-3xrc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-cxw7-85xm-3xrc"},{"reference_url":"https://github.com/plone/Products.CMFPlone","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-30.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-30.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5488","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5488"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/04","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/04"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=878945","reference_id":"878945","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=878945"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5488","GHSA-cxw7-85xm-3xrc","PYSEC-2014-30"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rqej-4883-q3ee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217452?format=json","vulnerability_id":"VCID-rsqs-u4ct-gbar","summary":"The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5487.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5487.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5487","reference_id":"","reference_type":"","scores":[{"value":"0.00656","scoring_system":"epss","scoring_elements":"0.715","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5487"},{"reference_url":"https://github.com/advisories/GHSA-9m4g-f42q-vrrh","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9m4g-f42q-vrrh"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-29.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-29.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5487","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5487"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/03","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/03"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"6.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=878941","reference_id":"878941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=878941"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5487","GHSA-9m4g-f42q-vrrh","PYSEC-2014-29"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rsqs-u4ct-gbar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217460?format=json","vulnerability_id":"VCID-rx3j-xjyn-6qbj","summary":"The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1194.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1194","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2014:1194"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5500.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5500.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-5500","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-5500"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5500","reference_id":"","reference_type":"","scores":[{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57322","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5500"},{"reference_url":"https://github.com/advisories/GHSA-2q75-f7cp-w86q","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2q75-f7cp-w86q"},{"reference_url":"https://github.com/plone/plone","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-42.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-42.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5500","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5500"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/16","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/16"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874649","reference_id":"874649","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874649"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5500","GHSA-2q75-f7cp-w86q","PYSEC-2014-42"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rx3j-xjyn-6qbj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/361676?format=json","vulnerability_id":"VCID-rxv3-yw68-a3cp","summary":"User information disclosure\nA vulnerability allows unauthorized disclosure of registered user information.","references":[{"reference_url":"https://plone.org/products/plone/security/advisories/20151208-announcement","reference_id":"","reference_type":"","scores":[],"url":"https://plone.org/products/plone/security/advisories/20151208-announcement"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48481?format=json","purl":"pkg:pypi/plone@4.3.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.8"},{"url":"http://public2.vulnerablecode.io/api/packages/48485?format=json","purl":"pkg:pypi/plone@5.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.1"}],"aliases":["GMS-2015-51"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxv3-yw68-a3cp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217410?format=json","vulnerability_id":"VCID-su9w-erpw-mqc3","summary":"Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, and (3) traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4189","reference_id":"","reference_type":"","scores":[{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66339","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4189"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978450","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978450"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-pwpq-632g-h49g","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pwpq-632g-h49g"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-53.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-53.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4189","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4189"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4189","GHSA-pwpq-632g-h49g","PYSEC-2014-53"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-su9w-erpw-mqc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218088?format=json","vulnerability_id":"VCID-t8kn-cm9s-yfgv","summary":"Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata (therefore, only available to the Manager role).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28736","reference_id":"","reference_type":"","scores":[{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65733","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28736"},{"reference_url":"https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt"},{"reference_url":"https://github.com/advisories/GHSA-2c8c-84w2-j38j","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2c8c-84w2-j38j"},{"reference_url":"https://github.com/plone/Products.CMFPlone/issues/3209","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/issues/3209"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-248.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-248.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28736","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28736"},{"reference_url":"https://www.misakikata.com/codes/plone/python-en.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.misakikata.com/codes/plone/python-en.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23898?format=json","purl":"pkg:pypi/plone@5.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3"}],"aliases":["CVE-2020-28736","GHSA-2c8c-84w2-j38j","PYSEC-2020-248"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t8kn-cm9s-yfgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217440?format=json","vulnerability_id":"VCID-tw7a-kck8-83dq","summary":"uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5492.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5492","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5492"},{"reference_url":"https://github.com/advisories/GHSA-6w93-4c4p-xv2x","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6w93-4c4p-xv2x"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-34.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-34.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5492","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5492"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/08","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/08"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874717","reference_id":"874717","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874717"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5492","GHSA-6w93-4c4p-xv2x","PYSEC-2014-34"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tw7a-kck8-83dq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218087?format=json","vulnerability_id":"VCID-utck-uem9-n7a6","summary":"Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28735","reference_id":"","reference_type":"","scores":[{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65733","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28735"},{"reference_url":"https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt"},{"reference_url":"https://github.com/advisories/GHSA-x7wf-5mjc-6x76","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-x7wf-5mjc-6x76"},{"reference_url":"https://github.com/plone/Products.CMFPlone/issues/3209","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/issues/3209"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-247.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-247.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28735","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28735"},{"reference_url":"https://www.misakikata.com/codes/plone/python-en.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.misakikata.com/codes/plone/python-en.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/23898?format=json","purl":"pkg:pypi/plone@5.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3"}],"aliases":["CVE-2020-28735","GHSA-x7wf-5mjc-6x76","PYSEC-2020-247"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-utck-uem9-n7a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217402?format=json","vulnerability_id":"VCID-uty1-5bvq-ffda","summary":"The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property,  redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the \"next\" parameter to acl_users/credentials_cookie_auth/require_login.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4200","reference_id":"","reference_type":"","scores":[{"value":"0.05344","scoring_system":"epss","scoring_elements":"0.90278","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4200"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200"},{"reference_url":"https://github.com/advisories/GHSA-56p3-rrp4-2j82","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-56p3-rrp4-2j82"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-64.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-64.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4200","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4200"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/08/01/2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/08/01/2"},{"reference_url":"http://www.securityfocus.com/archive/1/530787/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/530787/100/0/threaded"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38738.txt","reference_id":"CVE-2013-4200;OSVDB-95863","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38738.txt"},{"reference_url":"https://www.securityfocus.com/bid/61964/info","reference_id":"CVE-2013-4200;OSVDB-95863","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/61964/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4200","GHSA-56p3-rrp4-2j82","PYSEC-2014-64"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uty1-5bvq-ffda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200884?format=json","vulnerability_id":"VCID-vym8-d8sa-bye2","summary":"Plone and plone.app.users allow remote authenticated users to modify the properties of arbitrary accounts","references":[{"reference_url":"http://osvdb.org/72729","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/72729"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1950.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1950","reference_id":"","reference_type":"","scores":[{"value":"0.00762","scoring_system":"epss","scoring_elements":"0.73811","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1950"},{"reference_url":"http://secunia.com/advisories/44775","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44775"},{"reference_url":"http://securityreason.com/securityalert/8269","reference_id":"","reference_type":"","scores":[],"url":"http://securityreason.com/securityalert/8269"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67695","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67695"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-16.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-16.yaml"},{"reference_url":"http://www.securityfocus.com/archive/1/518155/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/518155/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/48005","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/48005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=711496","reference_id":"711496","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=711496"},{"reference_url":"http://plone.org/products/plone/security/advisories/CVE-2011-1950","reference_id":"CVE-2011-1950","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/CVE-2011-1950"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1950","reference_id":"CVE-2011-1950","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1950"},{"reference_url":"https://github.com/advisories/GHSA-2qx8-589j-gcpx","reference_id":"GHSA-2qx8-589j-gcpx","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-2qx8-589j-gcpx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13291?format=json","purl":"pkg:pypi/plone@4.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"}],"aliases":["CVE-2011-1950","GHSA-2qx8-589j-gcpx","PYSEC-2011-16"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vym8-d8sa-bye2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210119?format=json","vulnerability_id":"VCID-w7wr-p69p-13dw","summary":"Plone Unauthorized Access Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000483.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000483.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000483","reference_id":"","reference_type":"","scores":[{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.53121","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000483"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-72.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-72.yaml"},{"reference_url":"https://plone.org/security/hotfix/20171128/sandbox-escape","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20171128/sandbox-escape"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532484","reference_id":"1532484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532484"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000483","reference_id":"CVE-2017-1000483","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"7.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000483"},{"reference_url":"https://github.com/advisories/GHSA-qc57-h2f7-p4hx","reference_id":"GHSA-qc57-h2f7-p4hx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qc57-h2f7-p4hx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/14658?format=json","purl":"pkg:pypi/plone@4.3.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16"},{"url":"http://public2.vulnerablecode.io/api/packages/14660?format=json","purl":"pkg:pypi/plone@5.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0"}],"aliases":["CVE-2017-1000483","GHSA-qc57-h2f7-p4hx","PYSEC-2018-72"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7wr-p69p-13dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200818?format=json","vulnerability_id":"VCID-wxg7-n2p4-ayhw","summary":"Plone and Zope2 do not reseed pseudo-random number generator","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6661.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6661.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6661","reference_id":"","reference_type":"","scores":[{"value":"0.00403","scoring_system":"epss","scoring_elements":"0.61304","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6661"},{"reference_url":"https://bugs.launchpad.net/zope2/+bug/1071067","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/zope2/+bug/1071067"},{"reference_url":"https://github.com/plone/Products.CMFPlone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-51.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-51.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-76.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-76.yaml"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121124","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121124"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/24","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/24"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874108","reference_id":"874108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874108"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6661","reference_id":"CVE-2012-6661","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6661"},{"reference_url":"https://github.com/advisories/GHSA-48vv-2pmq-9fvv","reference_id":"GHSA-48vv-2pmq-9fvv","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-48vv-2pmq-9fvv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-6661","GHSA-48vv-2pmq-9fvv","PYSEC-2014-51","PYSEC-2014-76"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxg7-n2p4-ayhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217414?format=json","vulnerability_id":"VCID-wxz6-ka2n-jbdz","summary":"The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4196","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4196"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978475","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978475"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-qphh-5fv5-2mjj","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-qphh-5fv5-2mjj"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-60.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-60.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4196","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4196"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4196","GHSA-qphh-5fv5-2mjj","PYSEC-2014-60"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxz6-ka2n-jbdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217456?format=json","vulnerability_id":"VCID-xpdr-51cb-yudn","summary":"python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5506.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5506.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5506","reference_id":"","reference_type":"","scores":[{"value":"0.00603","scoring_system":"epss","scoring_elements":"0.70038","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5506"},{"reference_url":"https://github.com/advisories/GHSA-79hj-474h-v4xv","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-79hj-474h-v4xv"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-48.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-48.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5506","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5506"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/22","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/22"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874115","reference_id":"874115","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874115"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5506","GHSA-79hj-474h-v4xv","PYSEC-2014-48"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpdr-51cb-yudn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217458?format=json","vulnerability_id":"VCID-xsyw-pfvg-4qfm","summary":"The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors.  NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6661 was assigned for the PRNG reseeding issue in Zope.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5508.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5508.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5508","reference_id":"","reference_type":"","scores":[{"value":"0.00357","scoring_system":"epss","scoring_elements":"0.58361","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5508"},{"reference_url":"https://bugs.launchpad.net/zope2/+bug/1071067","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/zope2/+bug/1071067"},{"reference_url":"https://github.com/advisories/GHSA-wprr-mc54-c62q","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wprr-mc54-c62q"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-50.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-50.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5508","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5508"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121124","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121124"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/24","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/24"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874108","reference_id":"874108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874108"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5508","GHSA-wprr-mc54-c62q","PYSEC-2014-50"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsyw-pfvg-4qfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217637?format=json","vulnerability_id":"VCID-ys36-9r8f-63ab","summary":"When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login, you get redirected to the page you tried to view before. An attacker might try to abuse this by letting you click on a specially crafted link. You would login, and get redirected to the site of the attacker, letting you think that you are still on the original Plone site. Or some javascript of the attacker could be executed. Most of these types of attacks are already blocked by Plone, using the `isURLInPortal` check to make sure we only redirect to a page on the same Plone site. But a few more ways of tricking Plone into accepting a malicious link were discovered, and fixed with this hotfix.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000481.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000481.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000481","reference_id":"","reference_type":"","scores":[{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41545","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000481"},{"reference_url":"https://github.com/advisories/GHSA-8g72-gq68-6gqh","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-8g72-gq68-6gqh"},{"reference_url":"https://github.com/plone/Products.CMFPlone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373"},{"reference_url":"https://github.com/plone/Products.CMFPlone/issues/2232","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/issues/2232"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/2233","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/2233"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/2234","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/2234"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/2235","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/2235"},{"reference_url":"https://github.com/plone/Products.CMFPlone/pull/2236","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/pull/2236"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-70.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-70.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000481","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000481"},{"reference_url":"https://plone.org/security/hotfix/20171128/open-redirection-on-login-form","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20171128/open-redirection-on-login-form"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532489","reference_id":"1532489","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1532489"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/14658?format=json","purl":"pkg:pypi/plone@4.3.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16"},{"url":"http://public2.vulnerablecode.io/api/packages/14660?format=json","purl":"pkg:pypi/plone@5.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0"}],"aliases":["CVE-2017-1000481","GHSA-8g72-gq68-6gqh","PYSEC-2018-70"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ys36-9r8f-63ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200873?format=json","vulnerability_id":"VCID-ys4v-vwrn-4fa7","summary":"Plone allows remote attackers to read hidden folder contents","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5503.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5503.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5503","reference_id":"","reference_type":"","scores":[{"value":"0.00319","scoring_system":"epss","scoring_elements":"0.55373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5503"},{"reference_url":"https://github.com/plone/Products.CMFPlone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-45.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-45.yaml"},{"reference_url":"https://plone.org/products/plone-hotfix/releases/20121106","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone-hotfix/releases/20121106"},{"reference_url":"https://plone.org/products/plone/security/advisories/20121106/19","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/products/plone/security/advisories/20121106/19"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2012/11/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=874150","reference_id":"874150","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=874150"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5503","reference_id":"CVE-2012-5503","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5503"},{"reference_url":"https://github.com/advisories/GHSA-prr5-pfr8-q9f3","reference_id":"GHSA-prr5-pfr8-q9f3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-prr5-pfr8-q9f3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13254?format=json","purl":"pkg:pypi/plone@4.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/13258?format=json","purl":"pkg:pypi/plone@4.3b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1"}],"aliases":["CVE-2012-5503","GHSA-prr5-pfr8-q9f3","PYSEC-2014-45"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ys4v-vwrn-4fa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218157?format=json","vulnerability_id":"VCID-z48y-dbfw-ubea","summary":"Plone through 5.2.4 allows XSS via the inline_diff methods in Products.CMFDiffTool.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33513","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53951","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33513"},{"reference_url":"https://github.com/advisories/GHSA-fj67-w3m4-rfmp","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fj67-w3m4-rfmp"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-85.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-85.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33513","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33513"},{"reference_url":"https://plone.org/security/hotfix/20210518/xss-vulnerability-in-cmfdifftool","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/xss-vulnerability-in-cmfdifftool"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64644?format=json","purl":"pkg:pypi/plone@5.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5"}],"aliases":["CVE-2021-33513","GHSA-fj67-w3m4-rfmp","PYSEC-2021-85"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z48y-dbfw-ubea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62497?format=json","vulnerability_id":"VCID-znrm-edqa-nfbe","summary":"Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22889","reference_id":"","reference_type":"","scores":[{"value":"0.00554","scoring_system":"epss","scoring_elements":"0.68536","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22889"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-22889","reference_id":"CVE-2024-22889","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-22889"},{"reference_url":"https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9","reference_id":"CVE-2024-22889-Plone-v6.0.9","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-07T16:30:42Z/"}],"url":"https://github.com/shenhav12/CVE-2024-22889-Plone-v6.0.9"},{"reference_url":"https://github.com/advisories/GHSA-xg5p-8wg5-rhxm","reference_id":"GHSA-xg5p-8wg5-rhxm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xg5p-8wg5-rhxm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/702768?format=json","purl":"pkg:pypi/plone@6.0.10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@6.0.10"}],"aliases":["CVE-2024-22889","GHSA-xg5p-8wg5-rhxm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znrm-edqa-nfbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218161?format=json","vulnerability_id":"VCID-zny3-fyqj-h7bm","summary":"Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33508","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50962","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33508"},{"reference_url":"https://github.com/advisories/GHSA-rmpv-rcp6-v8wc","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rmpv-rcp6-v8wc"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-80.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-80.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33508","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33508"},{"reference_url":"https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64644?format=json","purl":"pkg:pypi/plone@5.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-znrm-edqa-nfbe"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5"}],"aliases":["CVE-2021-33508","GHSA-rmpv-rcp6-v8wc","PYSEC-2021-80"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zny3-fyqj-h7bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218154?format=json","vulnerability_id":"VCID-zpcq-187m-p3hk","summary":"Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites that allow untrusted users to add/edit Zope Page Templates through the web are at risk from this vulnerability. The problem has been fixed in Zope 5.2 and 4.6. As a workaround, a site administrator can restrict adding/editing Zope Page Templates through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing Zope Page Templates through the web should be restricted to trusted users only.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32633","reference_id":"","reference_type":"","scores":[{"value":"0.00943","scoring_system":"epss","scoring_elements":"0.76722","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32633"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32674","reference_id":"","reference_type":"","scores":[{"value":"0.00801","scoring_system":"epss","scoring_elements":"0.74512","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32674"},{"reference_url":"https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cyllective.com/blog/post/plone-authenticated-rce-cve-2021-32633"},{"reference_url":"https://github.com/advisories/GHSA-5vq5-pg3r-9ph3","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5vq5-pg3r-9ph3"},{"reference_url":"https://github.com/advisories/GHSA-962m-m8jw-8wrr","reference_id":"","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-962m-m8jw-8wrr"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2021-104.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2021-104.yaml"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2021-88.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/zope/PYSEC-2021-88.yaml"},{"reference_url":"https://github.com/zopefoundation/Zope","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/Zope"},{"reference_url":"https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/Zope/commit/1d897910139e2c0b11984fc9b78c1da1365bec21"},{"reference_url":"https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/Zope/commit/1f8456bf1f908ea46012537d52bd7e752a532c91"},{"reference_url":"https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36"},{"reference_url":"https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/Zope/security/advisories/GHSA-rpcg-f9q6-2mq6"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32633","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32633"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32674","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32674"},{"reference_url":"https://pypi.org/project/Zope","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/Zope"},{"reference_url":"https://pypi.org/project/Zope/","reference_id":"","reference_type":"","scores":[],"url":"https://pypi.org/project/Zope/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/21/1","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/21/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/22/1","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2021/05/22/1"},{"reference_url":"https://github.com/advisories/GHSA-5pr9-v234-jw36","reference_id":"GHSA-5pr9-v234-jw36","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5pr9-v234-jw36"},{"reference_url":"https://github.com/advisories/GHSA-rpcg-f9q6-2mq6","reference_id":"GHSA-rpcg-f9q6-2mq6","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rpcg-f9q6-2mq6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48628?format=json","purl":"pkg:pypi/plone@5.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0a1"}],"aliases":["CVE-2021-32633","CVE-2021-32674","GHSA-5pr9-v234-jw36","GHSA-5vq5-pg3r-9ph3","GHSA-962m-m8jw-8wrr","GHSA-rpcg-f9q6-2mq6","PYSEC-2021-104","PYSEC-2021-88"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zpcq-187m-p3hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217404?format=json","vulnerability_id":"VCID-zpsw-2yqh-dqb8","summary":"typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL.","references":[{"reference_url":"http://plone.org/products/plone-hotfix/releases/20130618","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone-hotfix/releases/20130618"},{"reference_url":"http://plone.org/products/plone/security/advisories/20130618-announcement","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://plone.org/products/plone/security/advisories/20130618-announcement"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4193","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54518","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4193"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=978469","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=978469"},{"reference_url":"http://seclists.org/oss-sec/2013/q3/261","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q3/261"},{"reference_url":"https://github.com/advisories/GHSA-6fgf-x7wg-hp8r","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-6fgf-x7wg-hp8r"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-57.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-57.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4193","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4193"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13251?format=json","purl":"pkg:pypi/plone@4.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/46299?format=json","purl":"pkg:pypi/plone@4.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"}],"aliases":["CVE-2013-4193","GHSA-6fgf-x7wg-hp8r","PYSEC-2014-57"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zpsw-2yqh-dqb8"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217597?format=json","vulnerability_id":"VCID-14h5-hnhw-zuc2","summary":"Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, 4.2.0 through 4.2.7, 4.3.0 through 4.3.6, and 5.0rc1 allows remote attackers to add a new member to a Plone site with registration enabled, without acknowledgment of site administrator.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7315.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7315.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7315","reference_id":"","reference_type":"","scores":[{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.63421","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7315"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264791","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264791"},{"reference_url":"https://github.com/advisories/GHSA-984m-rj28-8c6x","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-984m-rj28-8c6x"},{"reference_url":"https://github.com/plone/Products.CMFPlone","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/1845b0a92312291811b68907bf2aa0fb448c4016","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/1845b0a92312291811b68907bf2aa0fb448c4016"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/9f0111f85cd14f3f067044b59b93e2856c99d542","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/9f0111f85cd14f3f067044b59b93e2856c99d542"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-52.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-52.yaml"},{"reference_url":"https://github.com/zopefoundation/Products.CMFCore/commit/e1d981bfa14b664317285f0f36498f4be4a23406","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/zopefoundation/Products.CMFCore/commit/e1d981bfa14b664317285f0f36498f4be4a23406"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7315","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7315"},{"reference_url":"https://plone.org/security/20150910","reference_id":"","reference_type":"","scores":[],"url":"https://plone.org/security/20150910"},{"reference_url":"https://plone.org/security/20150910/anonymous-is-able-to-create-plone-members","reference_id":"","reference_type":"","scores":[],"url":"https://plone.org/security/20150910/anonymous-is-able-to-create-plone-members"},{"reference_url":"https://plone.org/security/hotfix/20150910/anonymous-is-able-to-create-plone-members","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20150910/anonymous-is-able-to-create-plone-members"},{"reference_url":"https://pypi.org/project/Products.PloneHotfix20150910","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/Products.PloneHotfix20150910"},{"reference_url":"https://pypi.python.org/pypi/Products.PloneHotfix20150910","reference_id":"","reference_type":"","scores":[],"url":"https://pypi.python.org/pypi/Products.PloneHotfix20150910"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/22/13","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.2","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2015/09/22/13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/45288?format=json","purl":"pkg:pypi/plone@4.1a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1a1"},{"url":"http://public2.vulnerablecode.io/api/packages/46590?format=json","purl":"pkg:pypi/plone@4.2a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a1"},{"url":"http://public2.vulnerablecode.io/api/packages/13256?format=json","purl":"pkg:pypi/plone@4.3a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3a1"},{"url":"http://public2.vulnerablecode.io/api/packages/48480?format=json","purl":"pkg:pypi/plone@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/48636?format=json","purl":"pkg:pypi/plone@5.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0rc2"}],"aliases":["CVE-2015-7315","GHSA-984m-rj28-8c6x","PYSEC-2017-52"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-14h5-hnhw-zuc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217525?format=json","vulnerability_id":"VCID-177r-1ryk-pfbp","summary":"Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.","references":[{"reference_url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7140.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7140","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7140"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Oct/80","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Oct/80"},{"reference_url":"https://github.com/advisories/GHSA-chvw-gjxf-f8mc","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-chvw-gjxf-f8mc"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-63.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-63.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7140","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7140"},{"reference_url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-zope2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-zope2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/5"},{"reference_url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373466","reference_id":"1373466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/13148?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/13146?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7140","GHSA-chvw-gjxf-f8mc","PYSEC-2017-63"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-177r-1ryk-pfbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217600?format=json","vulnerability_id":"VCID-3kbx-xrnj-nyfu","summary":"Cross-site scripting (XSS) vulnerability in Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, 4.2.0 through 4.2.7, 4.3.x before 4.3.7, and 5.0rc1.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7316.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7316.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7316","reference_id":"","reference_type":"","scores":[{"value":"0.0051","scoring_system":"epss","scoring_elements":"0.66855","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7316"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264788","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264788"},{"reference_url":"https://github.com/advisories/GHSA-vf8g-m3vq-6p4p","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-vf8g-m3vq-6p4p"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/plone/Products.CMFPlone/commit/3da710a2cd68587f0bf34f2e7ea1167d6eeee087","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Products.CMFPlone/commit/3da710a2cd68587f0bf34f2e7ea1167d6eeee087"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-53.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-53.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7316","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7316"},{"reference_url":"https://plone.org/security/20150910/","reference_id":"","reference_type":"","scores":[],"url":"https://plone.org/security/20150910/"},{"reference_url":"https://plone.org/security/20150910/non-persistent-xss-in-plone","reference_id":"","reference_type":"","scores":[],"url":"https://plone.org/security/20150910/non-persistent-xss-in-plone"},{"reference_url":"https://plone.org/security/hotfix/20150910/non-persistent-xss-in-plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20150910/non-persistent-xss-in-plone"},{"reference_url":"https://pypi.org/project/Products.PloneHotfix20150910","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pypi.org/project/Products.PloneHotfix20150910"},{"reference_url":"https://pypi.python.org/pypi/Products.PloneHotfix20150910","reference_id":"","reference_type":"","scores":[],"url":"https://pypi.python.org/pypi/Products.PloneHotfix20150910"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/22/14","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2015/09/22/14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/386076?format=json","purl":"pkg:pypi/plone@3.3.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@3.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/386077?format=json","purl":"pkg:pypi/plone@4.0.11","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/45288?format=json","purl":"pkg:pypi/plone@4.1a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1a1"},{"url":"http://public2.vulnerablecode.io/api/packages/386078?format=json","purl":"pkg:pypi/plone@4.1.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.7"},{"url":"http://public2.vulnerablecode.io/api/packages/46590?format=json","purl":"pkg:pypi/plone@4.2a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a1"},{"url":"http://public2.vulnerablecode.io/api/packages/386079?format=json","purl":"pkg:pypi/plone@4.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/13256?format=json","purl":"pkg:pypi/plone@4.3a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3a1"},{"url":"http://public2.vulnerablecode.io/api/packages/48480?format=json","purl":"pkg:pypi/plone@4.3.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.7"},{"url":"http://public2.vulnerablecode.io/api/packages/48636?format=json","purl":"pkg:pypi/plone@5.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0rc2"}],"aliases":["CVE-2015-7316","GHSA-vf8g-m3vq-6p4p","PYSEC-2017-53"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3kbx-xrnj-nyfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217516?format=json","vulnerability_id":"VCID-5qmx-515u-dbdq","summary":"Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter to (1) %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions or (2) folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions or the (3) came_from parameter to /login_form.","references":[{"reference_url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7137.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7137","reference_id":"","reference_type":"","scores":[{"value":"0.00477","scoring_system":"epss","scoring_elements":"0.65357","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7137"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Oct/80","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Oct/80"},{"reference_url":"https://github.com/advisories/GHSA-69vh-662j-v988","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-69vh-662j-v988"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-60.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-60.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7137","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7137"},{"reference_url":"https://plone.org/security/hotfix/20160830/open-redirection-in-plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160830/open-redirection-in-plone"},{"reference_url":"https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752"},{"reference_url":"https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/5"},{"reference_url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/92752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373440","reference_id":"1373440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373440"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/13148?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/13146?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7137","GHSA-69vh-662j-v988","PYSEC-2017-60"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qmx-515u-dbdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217599?format=json","vulnerability_id":"VCID-asdu-my4z-4kct","summary":"Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7318.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7318.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7318","reference_id":"","reference_type":"","scores":[{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.63017","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7318"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264796","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1264796"},{"reference_url":"https://github.com/advisories/GHSA-fq9r-8jpm-2222","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-fq9r-8jpm-2222"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-54.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-54.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7318","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7318"},{"reference_url":"https://plone.org/security/hotfix/20150910","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20150910"},{"reference_url":"https://plone.org/security/hotfix/20150910/header-injection","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20150910/header-injection"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/09/22/16","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2015/09/22/16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"}],"aliases":["CVE-2015-7318","GHSA-fq9r-8jpm-2222","PYSEC-2017-54"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-asdu-my4z-4kct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/209286?format=json","vulnerability_id":"VCID-jduh-f7z9-3qcc","summary":"Plone Zope cross-site scripting (XSS) vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7062.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7062.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7062","reference_id":"","reference_type":"","scores":[{"value":"0.00763","scoring_system":"epss","scoring_elements":"0.73859","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7062"},{"reference_url":"http://seclists.org/oss-sec/2013/q4/467","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q4/467"},{"reference_url":"http://seclists.org/oss-sec/2013/q4/485","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/oss-sec/2013/q4/485"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/89623","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/89623"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/89627","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/89627"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-218.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-218.yaml"},{"reference_url":"https://plone.org/security/20131210/zope-xss-in-browseridmanager","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/20131210/zope-xss-in-browseridmanager"},{"reference_url":"https://plone.org/security/20131210/zope-xss-in-OFS","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/20131210/zope-xss-in-OFS"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1040392","reference_id":"1040392","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1040392"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7062","reference_id":"CVE-2013-7062","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-7062"},{"reference_url":"https://github.com/advisories/GHSA-4793-w44w-m7xm","reference_id":"GHSA-4793-w44w-m7xm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4793-w44w-m7xm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/13281?format=json","purl":"pkg:pypi/plone@3.3.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-asdu-my4z-4kct"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@3.3.6"},{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/20794?format=json","purl":"pkg:pypi/plone@4.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/45287?format=json","purl":"pkg:pypi/plone@4.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/20796?format=json","purl":"pkg:pypi/plone@4.1.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.6"},{"url":"http://public2.vulnerablecode.io/api/packages/46590?format=json","purl":"pkg:pypi/plone@4.2a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-bdam-dhg3-5kap"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a1"},{"url":"http://public2.vulnerablecode.io/api/packages/13256?format=json","purl":"pkg:pypi/plone@4.3a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3a1"},{"url":"http://public2.vulnerablecode.io/api/packages/20792?format=json","purl":"pkg:pypi/plone@4.3.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jduh-f7z9-3qcc"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2"},{"url":"http://public2.vulnerablecode.io/api/packages/46599?format=json","purl":"pkg:pypi/plone@4.3.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3kbx-xrnj-nyfu"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.3"}],"aliases":["CVE-2013-7062","GHSA-4793-w44w-m7xm","PYSEC-2020-218"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jduh-f7z9-3qcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217518?format=json","vulnerability_id":"VCID-jp3d-8ja2-c3a6","summary":"Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.","references":[{"reference_url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7138.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7138","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7138"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Oct/80","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Oct/80"},{"reference_url":"https://github.com/advisories/GHSA-v3hp-f8qr-cf3p","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v3hp-f8qr-cf3p"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7138","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7138"},{"reference_url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1"},{"reference_url":"https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752"},{"reference_url":"https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/5"},{"reference_url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/92752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373442","reference_id":"1373442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373442"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/13148?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/13146?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7138","GHSA-v3hp-f8qr-cf3p","PYSEC-2017-61"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jp3d-8ja2-c3a6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/217515?format=json","vulnerability_id":"VCID-nkez-59zg-8fan","summary":"Cross-site scripting (XSS) vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.","references":[{"reference_url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7139.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7139","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.66058","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7139"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Oct/80","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Oct/80"},{"reference_url":"https://github.com/advisories/GHSA-pp4c-2692-7f37","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-pp4c-2692-7f37"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-62.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-62.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7139","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7139"},{"reference_url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone"},{"reference_url":"https://web.archive.org/web/20201207134910/http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201207134910/http://www.securityfocus.com/bid/92752"},{"reference_url":"https://web.archive.org/web/20201207134911/http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20201207134911/http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/5"},{"reference_url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/92752"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373464","reference_id":"1373464","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1373464"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45251?format=json","purl":"pkg:pypi/plone@4.0a1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-14h5-hnhw-zuc2"},{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-17pb-bgga-8ygp"},{"vulnerability":"VCID-1e1b-7fkz-rybz"},{"vulnerability":"VCID-1j4m-pw7f-augk"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-21n8-a2su-nbbd"},{"vulnerability":"VCID-2ped-pk9p-5be3"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-3rsq-dq49-uyfg"},{"vulnerability":"VCID-3ufm-n2ku-8uax"},{"vulnerability":"VCID-4qbd-mwc7-7kdw"},{"vulnerability":"VCID-4r5c-efmk-8feu"},{"vulnerability":"VCID-556h-c8hm-6qfc"},{"vulnerability":"VCID-6xwh-jvge-fkf9"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-7zku-wweg-xua6"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-afnm-51yp-4bhc"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-cfen-6xpt-rqa3"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-dur5-cy82-1kex"},{"vulnerability":"VCID-dwph-zncb-fkhv"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-fpv9-t5ew-aqe2"},{"vulnerability":"VCID-fxx5-msd8-1fh8"},{"vulnerability":"VCID-fz81-dgb8-27gh"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kcx4-zkp3-xucf"},{"vulnerability":"VCID-kmz7-9j1z-6fdp"},{"vulnerability":"VCID-m758-7mkw-g7ac"},{"vulnerability":"VCID-m7pv-me1q-6kh7"},{"vulnerability":"VCID-m98v-y63a-1yfr"},{"vulnerability":"VCID-mqru-hkfz-xkan"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nedk-vykq-xfda"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-p3mr-uajx-k7gg"},{"vulnerability":"VCID-pbhm-ufh6-cufd"},{"vulnerability":"VCID-pv6u-hm6u-hbc1"},{"vulnerability":"VCID-q5np-v195-tkbz"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-qww5-d5cg-jfb5"},{"vulnerability":"VCID-rdn1-sepc-xbdm"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-rqej-4883-q3ee"},{"vulnerability":"VCID-rsqs-u4ct-gbar"},{"vulnerability":"VCID-rx3j-xjyn-6qbj"},{"vulnerability":"VCID-rxv3-yw68-a3cp"},{"vulnerability":"VCID-su9w-erpw-mqc3"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tw7a-kck8-83dq"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-uty1-5bvq-ffda"},{"vulnerability":"VCID-vym8-d8sa-bye2"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-wxg7-n2p4-ayhw"},{"vulnerability":"VCID-wxz6-ka2n-jbdz"},{"vulnerability":"VCID-xpdr-51cb-yudn"},{"vulnerability":"VCID-xsyw-pfvg-4qfm"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-ys4v-vwrn-4fa7"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"},{"vulnerability":"VCID-zpsw-2yqh-dqb8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"},{"url":"http://public2.vulnerablecode.io/api/packages/13148?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-7h1m-1f34-5qcs"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/48491?format=json","purl":"pkg:pypi/plone@5.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-177r-1ryk-pfbp"},{"vulnerability":"VCID-1rvm-wt1t-kucb"},{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-5qmx-515u-dbdq"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-ezb4-3xtr-h3g6"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-jp3d-8ja2-c3a6"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nkez-59zg-8fan"},{"vulnerability":"VCID-nr4g-tdxq-byhh"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-xzvt-13fh-tubp"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/13146?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-213v-yc9d-u7dx"},{"vulnerability":"VCID-2ym8-nhsc-j7hf"},{"vulnerability":"VCID-37gz-3kz2-pyh5"},{"vulnerability":"VCID-4yk1-dgbv-rubx"},{"vulnerability":"VCID-6e71-df37-yyf1"},{"vulnerability":"VCID-7w2h-6rxu-xqcd"},{"vulnerability":"VCID-8kb4-bxbj-4udw"},{"vulnerability":"VCID-9qpy-74mb-cfc6"},{"vulnerability":"VCID-br6e-6exv-ykg6"},{"vulnerability":"VCID-d874-w13w-qkey"},{"vulnerability":"VCID-hb8u-3ubs-x7hf"},{"vulnerability":"VCID-hgwu-kg1s-ffcn"},{"vulnerability":"VCID-kzvb-7yn4-qbb9"},{"vulnerability":"VCID-m1gb-mydp-bbez"},{"vulnerability":"VCID-mu4f-29hh-dbhp"},{"vulnerability":"VCID-n722-gtzf-gqgd"},{"vulnerability":"VCID-nzjx-cckn-dfbc"},{"vulnerability":"VCID-qmqy-eng1-3ka6"},{"vulnerability":"VCID-rmp2-rsv7-auds"},{"vulnerability":"VCID-t8kn-cm9s-yfgv"},{"vulnerability":"VCID-tkhq-78vd-aygx"},{"vulnerability":"VCID-ub1u-ev6d-sugd"},{"vulnerability":"VCID-utck-uem9-n7a6"},{"vulnerability":"VCID-w7wr-p69p-13dw"},{"vulnerability":"VCID-ys36-9r8f-63ab"},{"vulnerability":"VCID-z48y-dbfw-ubea"},{"vulnerability":"VCID-znrm-edqa-nfbe"},{"vulnerability":"VCID-zny3-fyqj-h7bm"},{"vulnerability":"VCID-zpcq-187m-p3hk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7139","GHSA-pp4c-2692-7f37","PYSEC-2017-62"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nkez-59zg-8fan"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0a1"}