Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/plone@4.0.3
Typepypi
Namespace
Nameplone
Version4.0.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version5.2.5
Latest_non_vulnerable_version6.0.7
Affected_by_vulnerabilities
0
url VCID-311f-xecp-47fm
vulnerability_id VCID-311f-xecp-47fm
summary Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000483
reference_id
reference_type
scores
0
value 0.00294
scoring_system epss
scoring_elements 0.52982
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000483
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-72.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-72.yaml
3
reference_url https://plone.org/security/hotfix/20171128/sandbox-escape
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20171128/sandbox-escape
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000483
reference_id CVE-2017-1000483
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000483
5
reference_url https://github.com/advisories/GHSA-qc57-h2f7-p4hx
reference_id GHSA-qc57-h2f7-p4hx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qc57-h2f7-p4hx
fixed_packages
0
url pkg:pypi/plone@4.3.16
purl pkg:pypi/plone@4.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5tbn-qmuj-jya9
6
vulnerability VCID-5z33-3pqj-gygw
7
vulnerability VCID-9ze6-mfrw-ukdv
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-fga8-ymex-67fw
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-gsnt-c1cd-d3bf
12
vulnerability VCID-pv2n-2y41-pbg5
13
vulnerability VCID-r61f-p8nh-2bax
14
vulnerability VCID-r874-3h26-j3fp
15
vulnerability VCID-s5ab-nud4-5qdg
16
vulnerability VCID-sa7x-wvn1-skh1
17
vulnerability VCID-tfmu-7tad-xbbe
18
vulnerability VCID-wage-1bme-bkgb
19
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16
1
url pkg:pypi/plone@5.1.0
purl pkg:pypi/plone@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5z33-3pqj-gygw
6
vulnerability VCID-9ze6-mfrw-ukdv
7
vulnerability VCID-c3we-w4qc-6fhs
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-dnu9-u6zt-c7ch
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-pv2n-2y41-pbg5
12
vulnerability VCID-r61f-p8nh-2bax
13
vulnerability VCID-r874-3h26-j3fp
14
vulnerability VCID-sa7x-wvn1-skh1
15
vulnerability VCID-tfmu-7tad-xbbe
16
vulnerability VCID-wage-1bme-bkgb
17
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0
aliases CVE-2017-1000483, GHSA-qc57-h2f7-p4hx, PYSEC-2018-72
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-311f-xecp-47fm
1
url VCID-31m2-mwzq-judc
vulnerability_id VCID-31m2-mwzq-judc
summary mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4198
reference_id
reference_type
scores
0
value 0.00305
scoring_system epss
scoring_elements 0.54031
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4198
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978480
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978480
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-62.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-62.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4198
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4198
8
reference_url https://pypi.org/project/Products.PloneHotfix20130618
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/Products.PloneHotfix20130618
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4198, GHSA-qjxf-6pr8-j87v, PYSEC-2014-62
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31m2-mwzq-judc
2
url VCID-36xh-ua3s-gyfr
vulnerability_id VCID-36xh-ua3s-gyfr
summary Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata (therefore, only available to the Manager role).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28736
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65579
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28736
1
reference_url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
2
reference_url https://github.com/advisories/GHSA-2c8c-84w2-j38j
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2c8c-84w2-j38j
3
reference_url https://github.com/plone/Products.CMFPlone/issues/3209
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/3209
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-248.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-248.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28736
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28736
6
reference_url https://www.misakikata.com/codes/plone/python-en.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.misakikata.com/codes/plone/python-en.html
fixed_packages
0
url pkg:pypi/plone@5.2.3
purl pkg:pypi/plone@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3n34-5rm7-nbcj
1
vulnerability VCID-5e2c-6mkx-4udu
2
vulnerability VCID-9ze6-mfrw-ukdv
3
vulnerability VCID-ccuu-86vs-s3gs
4
vulnerability VCID-d68e-uehc-nudc
5
vulnerability VCID-dnu9-u6zt-c7ch
6
vulnerability VCID-pv2n-2y41-pbg5
7
vulnerability VCID-r61f-p8nh-2bax
8
vulnerability VCID-r874-3h26-j3fp
9
vulnerability VCID-sa7x-wvn1-skh1
10
vulnerability VCID-tfmu-7tad-xbbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3
aliases CVE-2020-28736, GHSA-2c8c-84w2-j38j, PYSEC-2020-248
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-36xh-ua3s-gyfr
3
url VCID-3n34-5rm7-nbcj
vulnerability_id VCID-3n34-5rm7-nbcj
summary Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33510
reference_id
reference_type
scores
0
value 0.0012
scoring_system epss
scoring_elements 0.30603
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33510
1
reference_url https://github.com/advisories/GHSA-4mg4-wvmx-5332
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-4mg4-wvmx-5332
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-82.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-82.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33510
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33510
5
reference_url https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-event-ical-url
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-event-ical-url
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33510, GHSA-4mg4-wvmx-5332, PYSEC-2021-82
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3n34-5rm7-nbcj
4
url VCID-3uw2-j3r6-77ch
vulnerability_id VCID-3uw2-j3r6-77ch
summary Cross-site scripting (XSS) vulnerability in python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to "{u,}translate."
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5494
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.5217
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5494
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-36.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-36.yaml
4
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
5
reference_url https://plone.org/products/plone/security/advisories/20121106/10
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/10
6
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5494
reference_id CVE-2012-5494
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5494
8
reference_url https://github.com/advisories/GHSA-3g6w-4m7x-97v6
reference_id GHSA-3g6w-4m7x-97v6
reference_type
scores
url https://github.com/advisories/GHSA-3g6w-4m7x-97v6
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5494, GHSA-3g6w-4m7x-97v6, PYSEC-2014-36
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3uw2-j3r6-77ch
5
url VCID-3v6x-b2g3-fyhq
vulnerability_id VCID-3v6x-b2g3-fyhq
summary z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5491
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55221
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5491
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-33.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-33.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5491
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5491
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/07
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/07
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5491, GHSA-f8pg-wp5j-rjxx, PYSEC-2014-33
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3v6x-b2g3-fyhq
6
url VCID-43m1-jkv8-jygp
vulnerability_id VCID-43m1-jkv8-jygp
summary A member of the Plone 2.5-5.1rc1 site could set javascript in the home_page property of his profile, and have this executed when a visitor click the home page link on the author page.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000482
reference_id
reference_type
scores
0
value 0.00287
scoring_system epss
scoring_elements 0.52428
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000482
1
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
2
reference_url https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
3
reference_url https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
4
reference_url https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
5
reference_url https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
6
reference_url https://github.com/plone/Products.CMFPlone/issues/2232
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/2232
7
reference_url https://github.com/plone/Products.CMFPlone/pull/2233
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2233
8
reference_url https://github.com/plone/Products.CMFPlone/pull/2234
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2234
9
reference_url https://github.com/plone/Products.CMFPlone/pull/2235
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2235
10
reference_url https://github.com/plone/Products.CMFPlone/pull/2236
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2236
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-71.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-71.yaml
12
reference_url https://plone.org/security/hotfix/20171128/xss-using-the-home_page-member-property
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20171128/xss-using-the-home_page-member-property
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000482
reference_id CVE-2017-1000482
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000482
14
reference_url https://github.com/advisories/GHSA-859j-668v-mrr6
reference_id GHSA-859j-668v-mrr6
reference_type
scores
url https://github.com/advisories/GHSA-859j-668v-mrr6
fixed_packages
0
url pkg:pypi/plone@4.3.16
purl pkg:pypi/plone@4.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5tbn-qmuj-jya9
6
vulnerability VCID-5z33-3pqj-gygw
7
vulnerability VCID-9ze6-mfrw-ukdv
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-fga8-ymex-67fw
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-gsnt-c1cd-d3bf
12
vulnerability VCID-pv2n-2y41-pbg5
13
vulnerability VCID-r61f-p8nh-2bax
14
vulnerability VCID-r874-3h26-j3fp
15
vulnerability VCID-s5ab-nud4-5qdg
16
vulnerability VCID-sa7x-wvn1-skh1
17
vulnerability VCID-tfmu-7tad-xbbe
18
vulnerability VCID-wage-1bme-bkgb
19
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16
1
url pkg:pypi/plone@5.1.0
purl pkg:pypi/plone@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5z33-3pqj-gygw
6
vulnerability VCID-9ze6-mfrw-ukdv
7
vulnerability VCID-c3we-w4qc-6fhs
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-dnu9-u6zt-c7ch
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-pv2n-2y41-pbg5
12
vulnerability VCID-r61f-p8nh-2bax
13
vulnerability VCID-r874-3h26-j3fp
14
vulnerability VCID-sa7x-wvn1-skh1
15
vulnerability VCID-tfmu-7tad-xbbe
16
vulnerability VCID-wage-1bme-bkgb
17
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0
aliases CVE-2017-1000482, GHSA-859j-668v-mrr6, PYSEC-2018-71
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-43m1-jkv8-jygp
7
url VCID-46az-51p2-yfdf
vulnerability_id VCID-46az-51p2-yfdf
summary gtbn.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5493
reference_id
reference_type
scores
0
value 0.0041
scoring_system epss
scoring_elements 0.6159
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5493
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-35.yaml
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-35.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5493
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5493
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/09
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/09
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5493, GHSA-25jh-5h5r-h33m, PYSEC-2014-35
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-46az-51p2-yfdf
8
url VCID-4bjr-mjug-gqd2
vulnerability_id VCID-4bjr-mjug-gqd2
summary Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, 4.2.0 through 4.2.7, 4.3.0 through 4.3.6, and 5.0rc1 allows remote attackers to add a new member to a Plone site with registration enabled, without acknowledgment of site administrator.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7315
reference_id
reference_type
scores
0
value 0.00436
scoring_system epss
scoring_elements 0.63273
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7315
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1264791
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1264791
2
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
3
reference_url https://github.com/plone/Products.CMFPlone/commit/1845b0a92312291811b68907bf2aa0fb448c4016
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/1845b0a92312291811b68907bf2aa0fb448c4016
4
reference_url https://github.com/plone/Products.CMFPlone/commit/9f0111f85cd14f3f067044b59b93e2856c99d542
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/9f0111f85cd14f3f067044b59b93e2856c99d542
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-52.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-52.yaml
6
reference_url https://github.com/zopefoundation/Products.CMFCore/commit/e1d981bfa14b664317285f0f36498f4be4a23406
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/zopefoundation/Products.CMFCore/commit/e1d981bfa14b664317285f0f36498f4be4a23406
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7315
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7315
8
reference_url https://plone.org/security/20150910
reference_id
reference_type
scores
url https://plone.org/security/20150910
9
reference_url https://plone.org/security/20150910/anonymous-is-able-to-create-plone-members
reference_id
reference_type
scores
url https://plone.org/security/20150910/anonymous-is-able-to-create-plone-members
10
reference_url https://plone.org/security/hotfix/20150910/anonymous-is-able-to-create-plone-members
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20150910/anonymous-is-able-to-create-plone-members
11
reference_url https://pypi.org/project/Products.PloneHotfix20150910
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/Products.PloneHotfix20150910
12
reference_url https://pypi.python.org/pypi/Products.PloneHotfix20150910
reference_id
reference_type
scores
url https://pypi.python.org/pypi/Products.PloneHotfix20150910
13
reference_url http://www.openwall.com/lists/oss-security/2015/09/22/13
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/09/22/13
fixed_packages
0
url pkg:pypi/plone@4.1a1
purl pkg:pypi/plone@4.1a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4xdg-1sku-17cd
10
vulnerability VCID-4ym2-39bg-dbga
11
vulnerability VCID-5bnw-ktd3-8qeb
12
vulnerability VCID-5e2c-6mkx-4udu
13
vulnerability VCID-5kaj-zugj-mbh1
14
vulnerability VCID-5tbn-qmuj-jya9
15
vulnerability VCID-5z33-3pqj-gygw
16
vulnerability VCID-6898-z4k5-h3b6
17
vulnerability VCID-6rsz-krhe-q3gz
18
vulnerability VCID-7mc8-x346-eyaq
19
vulnerability VCID-83xg-a5v4-4bcw
20
vulnerability VCID-8gk5-28z6-7bcf
21
vulnerability VCID-8j8e-z731-7fbz
22
vulnerability VCID-8md9-zymx-w7cn
23
vulnerability VCID-8r52-vc7e-f3bc
24
vulnerability VCID-99bf-ybqh-dfad
25
vulnerability VCID-9ze6-mfrw-ukdv
26
vulnerability VCID-a628-5uyk-w3ca
27
vulnerability VCID-a67e-svcb-ekhc
28
vulnerability VCID-bj9p-4wzt-47cf
29
vulnerability VCID-ch1t-qmtc-xqfx
30
vulnerability VCID-d68e-uehc-nudc
31
vulnerability VCID-fd6y-2fcd-jbck
32
vulnerability VCID-fga8-ymex-67fw
33
vulnerability VCID-gejv-h449-13e4
34
vulnerability VCID-gsnt-c1cd-d3bf
35
vulnerability VCID-hzgj-wca9-z3d1
36
vulnerability VCID-jhc2-yux7-vybj
37
vulnerability VCID-k34d-p9vb-g7by
38
vulnerability VCID-kak6-5sps-z3da
39
vulnerability VCID-kmd1-vu9u-d7g4
40
vulnerability VCID-kvvr-zc1s-akhn
41
vulnerability VCID-m91w-vguw-qkem
42
vulnerability VCID-mgpa-1taj-pycj
43
vulnerability VCID-njnv-5cwt-4ygy
44
vulnerability VCID-pncb-4m8u-hbaw
45
vulnerability VCID-pv2n-2y41-pbg5
46
vulnerability VCID-qkv2-qpe2-97cx
47
vulnerability VCID-qskf-bt81-5bbe
48
vulnerability VCID-r874-3h26-j3fp
49
vulnerability VCID-rn4s-px1y-7fbc
50
vulnerability VCID-s5ab-nud4-5qdg
51
vulnerability VCID-sa7x-wvn1-skh1
52
vulnerability VCID-scgs-bz44-ebfk
53
vulnerability VCID-swq8-17qu-vyfw
54
vulnerability VCID-tfmu-7tad-xbbe
55
vulnerability VCID-u1hz-5a2a-ybac
56
vulnerability VCID-uduq-ujbb-6qd2
57
vulnerability VCID-ugq4-1vzc-6uh5
58
vulnerability VCID-uv7n-awe5-2fav
59
vulnerability VCID-vc1v-xsbc-kff1
60
vulnerability VCID-w2u3-bnqq-mqfz
61
vulnerability VCID-wage-1bme-bkgb
62
vulnerability VCID-xa5e-bbcv-byg9
63
vulnerability VCID-xksv-mub7-dyck
64
vulnerability VCID-xpjk-k6tj-2uba
65
vulnerability VCID-y2bq-cb4v-mke6
66
vulnerability VCID-ykg2-qbyr-ayd5
67
vulnerability VCID-ymbd-m6tf-5bap
68
vulnerability VCID-z8kt-tf38-eqgc
69
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1a1
1
url pkg:pypi/plone@4.2a1
purl pkg:pypi/plone@4.2a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4hzn-mj8g-37ew
8
vulnerability VCID-4ym2-39bg-dbga
9
vulnerability VCID-5e2c-6mkx-4udu
10
vulnerability VCID-5kaj-zugj-mbh1
11
vulnerability VCID-5tbn-qmuj-jya9
12
vulnerability VCID-5z33-3pqj-gygw
13
vulnerability VCID-6898-z4k5-h3b6
14
vulnerability VCID-6rsz-krhe-q3gz
15
vulnerability VCID-8gk5-28z6-7bcf
16
vulnerability VCID-8j8e-z731-7fbz
17
vulnerability VCID-8md9-zymx-w7cn
18
vulnerability VCID-99bf-ybqh-dfad
19
vulnerability VCID-9ze6-mfrw-ukdv
20
vulnerability VCID-a67e-svcb-ekhc
21
vulnerability VCID-ch1t-qmtc-xqfx
22
vulnerability VCID-d68e-uehc-nudc
23
vulnerability VCID-fga8-ymex-67fw
24
vulnerability VCID-gejv-h449-13e4
25
vulnerability VCID-gsnt-c1cd-d3bf
26
vulnerability VCID-hzgj-wca9-z3d1
27
vulnerability VCID-jhc2-yux7-vybj
28
vulnerability VCID-k34d-p9vb-g7by
29
vulnerability VCID-kak6-5sps-z3da
30
vulnerability VCID-kvvr-zc1s-akhn
31
vulnerability VCID-m91w-vguw-qkem
32
vulnerability VCID-mgpa-1taj-pycj
33
vulnerability VCID-njnv-5cwt-4ygy
34
vulnerability VCID-pncb-4m8u-hbaw
35
vulnerability VCID-pv2n-2y41-pbg5
36
vulnerability VCID-r874-3h26-j3fp
37
vulnerability VCID-rv8k-q8hx-7yeb
38
vulnerability VCID-s5ab-nud4-5qdg
39
vulnerability VCID-sa7x-wvn1-skh1
40
vulnerability VCID-scgs-bz44-ebfk
41
vulnerability VCID-tfmu-7tad-xbbe
42
vulnerability VCID-u1hz-5a2a-ybac
43
vulnerability VCID-uduq-ujbb-6qd2
44
vulnerability VCID-ugq4-1vzc-6uh5
45
vulnerability VCID-vc1v-xsbc-kff1
46
vulnerability VCID-w2u3-bnqq-mqfz
47
vulnerability VCID-wage-1bme-bkgb
48
vulnerability VCID-xa5e-bbcv-byg9
49
vulnerability VCID-xksv-mub7-dyck
50
vulnerability VCID-xpjk-k6tj-2uba
51
vulnerability VCID-y2bq-cb4v-mke6
52
vulnerability VCID-ymbd-m6tf-5bap
53
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a1
2
url pkg:pypi/plone@4.3a1
purl pkg:pypi/plone@4.3a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5e2c-6mkx-4udu
11
vulnerability VCID-5kaj-zugj-mbh1
12
vulnerability VCID-5tbn-qmuj-jya9
13
vulnerability VCID-5z33-3pqj-gygw
14
vulnerability VCID-6898-z4k5-h3b6
15
vulnerability VCID-6rsz-krhe-q3gz
16
vulnerability VCID-8gk5-28z6-7bcf
17
vulnerability VCID-8j8e-z731-7fbz
18
vulnerability VCID-8md9-zymx-w7cn
19
vulnerability VCID-99bf-ybqh-dfad
20
vulnerability VCID-9ze6-mfrw-ukdv
21
vulnerability VCID-a67e-svcb-ekhc
22
vulnerability VCID-ch1t-qmtc-xqfx
23
vulnerability VCID-d68e-uehc-nudc
24
vulnerability VCID-fga8-ymex-67fw
25
vulnerability VCID-gejv-h449-13e4
26
vulnerability VCID-gsnt-c1cd-d3bf
27
vulnerability VCID-hzgj-wca9-z3d1
28
vulnerability VCID-jhc2-yux7-vybj
29
vulnerability VCID-k34d-p9vb-g7by
30
vulnerability VCID-kak6-5sps-z3da
31
vulnerability VCID-kvvr-zc1s-akhn
32
vulnerability VCID-m91w-vguw-qkem
33
vulnerability VCID-mgpa-1taj-pycj
34
vulnerability VCID-njnv-5cwt-4ygy
35
vulnerability VCID-pncb-4m8u-hbaw
36
vulnerability VCID-pv2n-2y41-pbg5
37
vulnerability VCID-r874-3h26-j3fp
38
vulnerability VCID-s5ab-nud4-5qdg
39
vulnerability VCID-sa7x-wvn1-skh1
40
vulnerability VCID-scgs-bz44-ebfk
41
vulnerability VCID-sg6k-wdwq-9bgd
42
vulnerability VCID-tfmu-7tad-xbbe
43
vulnerability VCID-u1hz-5a2a-ybac
44
vulnerability VCID-uduq-ujbb-6qd2
45
vulnerability VCID-ugq4-1vzc-6uh5
46
vulnerability VCID-vc1v-xsbc-kff1
47
vulnerability VCID-w2u3-bnqq-mqfz
48
vulnerability VCID-wage-1bme-bkgb
49
vulnerability VCID-xa5e-bbcv-byg9
50
vulnerability VCID-xksv-mub7-dyck
51
vulnerability VCID-xpjk-k6tj-2uba
52
vulnerability VCID-y2bq-cb4v-mke6
53
vulnerability VCID-ymbd-m6tf-5bap
54
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3a1
3
url pkg:pypi/plone@4.3.7
purl pkg:pypi/plone@4.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-9ze6-mfrw-ukdv
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pv2n-2y41-pbg5
20
vulnerability VCID-r61f-p8nh-2bax
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-y2bq-cb4v-mke6
30
vulnerability VCID-ymbd-m6tf-5bap
31
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.7
4
url pkg:pypi/plone@5.0rc2
purl pkg:pypi/plone@5.0rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5z33-3pqj-gygw
6
vulnerability VCID-9ze6-mfrw-ukdv
7
vulnerability VCID-d68e-uehc-nudc
8
vulnerability VCID-fga8-ymex-67fw
9
vulnerability VCID-gejv-h449-13e4
10
vulnerability VCID-gsnt-c1cd-d3bf
11
vulnerability VCID-jn3b-smfx-87gg
12
vulnerability VCID-pv2n-2y41-pbg5
13
vulnerability VCID-r61f-p8nh-2bax
14
vulnerability VCID-r874-3h26-j3fp
15
vulnerability VCID-s5ab-nud4-5qdg
16
vulnerability VCID-sa7x-wvn1-skh1
17
vulnerability VCID-tfmu-7tad-xbbe
18
vulnerability VCID-ugq4-1vzc-6uh5
19
vulnerability VCID-w2u3-bnqq-mqfz
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0rc2
aliases CVE-2015-7315, GHSA-984m-rj28-8c6x, PYSEC-2017-52
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4bjr-mjug-gqd2
9
url VCID-4hzn-mj8g-37ew
vulnerability_id VCID-4hzn-mj8g-37ew
summary Cross-site scripting (XSS) vulnerability in widget_traversal.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5504
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.5217
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5504
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-46.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-46.yaml
4
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
5
reference_url https://plone.org/products/plone/security/advisories/20121106/20
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/20
6
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5504
reference_id CVE-2012-5504
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5504
8
reference_url https://github.com/advisories/GHSA-5whw-5cmm-9jw4
reference_id GHSA-5whw-5cmm-9jw4
reference_type
scores
url https://github.com/advisories/GHSA-5whw-5cmm-9jw4
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5504, GHSA-5whw-5cmm-9jw4, PYSEC-2014-46
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hzn-mj8g-37ew
10
url VCID-4xdg-1sku-17cd
vulnerability_id VCID-4xdg-1sku-17cd
summary Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
references
0
reference_url http://osvdb.org/72727
reference_id
reference_type
scores
url http://osvdb.org/72727
1
reference_url http://plone.org/products/plone/security/advisories/CVE-2011-1948
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/CVE-2011-1948
2
reference_url https://access.redhat.com/errata/RHSA-2012:0151
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2012:0151
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1948
reference_id
reference_type
scores
0
value 0.00529
scoring_system epss
scoring_elements 0.6749
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1948
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=711494
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=711494
5
reference_url http://secunia.com/advisories/44775
reference_id
reference_type
scores
url http://secunia.com/advisories/44775
6
reference_url http://secunia.com/advisories/44776
reference_id
reference_type
scores
url http://secunia.com/advisories/44776
7
reference_url http://securityreason.com/securityalert/8269
reference_id
reference_type
scores
url http://securityreason.com/securityalert/8269
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/67693
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/67693
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-14.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-14.yaml
10
reference_url http://www.securityfocus.com/archive/1/518155/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/518155/100/0/threaded
11
reference_url http://www.securityfocus.com/bid/48005
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/48005
12
reference_url https://access.redhat.com/security/cve/CVE-2011-1948
reference_id CVE-2011-1948
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2011-1948
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-1948
reference_id CVE-2011-1948
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-1948
14
reference_url https://github.com/advisories/GHSA-p7h9-vf92-5fj5
reference_id GHSA-p7h9-vf92-5fj5
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-p7h9-vf92-5fj5
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
aliases CVE-2011-1948, GHSA-p7h9-vf92-5fj5, PYSEC-2011-14
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xdg-1sku-17cd
11
url VCID-4ym2-39bg-dbga
vulnerability_id VCID-4ym2-39bg-dbga
summary ZPublisher.HTTPRequest._scrubHeader in Zope 2 before 2.13.19, as used in Plone before 4.3 beta 1, allows remote attackers to inject arbitrary HTTP headers via a linefeed (LF) character.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5486
reference_id
reference_type
scores
0
value 0.00821
scoring_system epss
scoring_elements 0.74709
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5486
3
reference_url https://bugs.launchpad.net/zope2/+bug/930812
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/930812
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878939
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=878939
5
reference_url https://github.com/advisories/GHSA-77hv-8796-8ccp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-77hv-8796-8ccp
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-28.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-28.yaml
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-73.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-73.yaml
8
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
9
reference_url https://plone.org/products/plone/security/advisories/20121106/02
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/02
10
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
11
reference_url https://access.redhat.com/security/cve/CVE-2012-5486
reference_id CVE-2012-5486
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5486
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5486
reference_id CVE-2012-5486
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5486
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5486, GHSA-77hv-8796-8ccp, PYSEC-2014-28, PYSEC-2014-73
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ym2-39bg-dbga
12
url VCID-5bnw-ktd3-8qeb
vulnerability_id VCID-5bnw-ktd3-8qeb
summary Plone 4.1.3 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
references
0
reference_url http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4462
reference_id
reference_type
scores
0
value 0.00925
scoring_system epss
scoring_elements 0.76367
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4462
2
reference_url http://secunia.com/advisories/47406
reference_id
reference_type
scores
url http://secunia.com/advisories/47406
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/72018
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/72018
4
reference_url https://github.com/advisories/GHSA-pcwm-8jc3-qxvj
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-pcwm-8jc3-qxvj
5
reference_url https://github.com/plone/plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-22.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-22.yaml
7
reference_url http://www.kb.cert.org/vuls/id/903934
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.kb.cert.org/vuls/id/903934
8
reference_url http://www.nruns.com/_downloads/advisory28122011.pdf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.nruns.com/_downloads/advisory28122011.pdf
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-4462
reference_id CVE-2011-4462
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-4462
10
reference_url http://www.ocert.org/advisories/ocert-2011-003.html
reference_id CVE-2011-4885;OSVDB-78115
reference_type exploit
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ocert.org/advisories/ocert-2011-003.html
fixed_packages
0
url pkg:pypi/plone@4.1.4
purl pkg:pypi/plone@4.1.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5e2c-6mkx-4udu
11
vulnerability VCID-5kaj-zugj-mbh1
12
vulnerability VCID-5tbn-qmuj-jya9
13
vulnerability VCID-5z33-3pqj-gygw
14
vulnerability VCID-6898-z4k5-h3b6
15
vulnerability VCID-6rsz-krhe-q3gz
16
vulnerability VCID-8gk5-28z6-7bcf
17
vulnerability VCID-8j8e-z731-7fbz
18
vulnerability VCID-8md9-zymx-w7cn
19
vulnerability VCID-99bf-ybqh-dfad
20
vulnerability VCID-9ze6-mfrw-ukdv
21
vulnerability VCID-a67e-svcb-ekhc
22
vulnerability VCID-ch1t-qmtc-xqfx
23
vulnerability VCID-d68e-uehc-nudc
24
vulnerability VCID-fga8-ymex-67fw
25
vulnerability VCID-gejv-h449-13e4
26
vulnerability VCID-gsnt-c1cd-d3bf
27
vulnerability VCID-hzgj-wca9-z3d1
28
vulnerability VCID-jhc2-yux7-vybj
29
vulnerability VCID-k34d-p9vb-g7by
30
vulnerability VCID-kak6-5sps-z3da
31
vulnerability VCID-kvvr-zc1s-akhn
32
vulnerability VCID-m91w-vguw-qkem
33
vulnerability VCID-mgpa-1taj-pycj
34
vulnerability VCID-njnv-5cwt-4ygy
35
vulnerability VCID-pn5z-xdcd-zqd5
36
vulnerability VCID-pncb-4m8u-hbaw
37
vulnerability VCID-pv2n-2y41-pbg5
38
vulnerability VCID-r874-3h26-j3fp
39
vulnerability VCID-s5ab-nud4-5qdg
40
vulnerability VCID-sa7x-wvn1-skh1
41
vulnerability VCID-scgs-bz44-ebfk
42
vulnerability VCID-tfmu-7tad-xbbe
43
vulnerability VCID-u1hz-5a2a-ybac
44
vulnerability VCID-uduq-ujbb-6qd2
45
vulnerability VCID-ugq4-1vzc-6uh5
46
vulnerability VCID-vc1v-xsbc-kff1
47
vulnerability VCID-w2u3-bnqq-mqfz
48
vulnerability VCID-wage-1bme-bkgb
49
vulnerability VCID-xa5e-bbcv-byg9
50
vulnerability VCID-xksv-mub7-dyck
51
vulnerability VCID-xpjk-k6tj-2uba
52
vulnerability VCID-y2bq-cb4v-mke6
53
vulnerability VCID-yaa8-vy4x-cqbq
54
vulnerability VCID-ymbd-m6tf-5bap
55
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.4
aliases CVE-2011-4462, GHSA-pcwm-8jc3-qxvj, PYSEC-2011-22
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5bnw-ktd3-8qeb
13
url VCID-5e2c-6mkx-4udu
vulnerability_id VCID-5e2c-6mkx-4udu
summary Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33511
reference_id
reference_type
scores
0
value 0.00276
scoring_system epss
scoring_elements 0.51216
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33511
1
reference_url https://github.com/advisories/GHSA-gc9g-67cq-p7v4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-gc9g-67cq-p7v4
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-83.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-83.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33511
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33511
5
reference_url https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-lxml-parser
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/server-side-request-forgery-via-lxml-parser
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33511, GHSA-gc9g-67cq-p7v4, PYSEC-2021-83
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5e2c-6mkx-4udu
14
url VCID-5kaj-zugj-mbh1
vulnerability_id VCID-5kaj-zugj-mbh1
summary Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7140
reference_id
reference_type
scores
0
value 0.00491
scoring_system epss
scoring_elements 0.65908
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7140
2
reference_url http://seclists.org/fulldisclosure/2016/Oct/80
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Oct/80
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-63.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-63.yaml
5
reference_url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-zope2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-zope2
6
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/4
7
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/5
8
reference_url http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/539572/100/0/threaded
9
reference_url http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/92752
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7140
reference_id CVE-2016-7140
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7140
11
reference_url https://github.com/advisories/GHSA-chvw-gjxf-f8mc
reference_id GHSA-chvw-gjxf-f8mc
reference_type
scores
url https://github.com/advisories/GHSA-chvw-gjxf-f8mc
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-gsnt-c1cd-d3bf
15
vulnerability VCID-jn3b-smfx-87gg
16
vulnerability VCID-pv2n-2y41-pbg5
17
vulnerability VCID-r61f-p8nh-2bax
18
vulnerability VCID-r874-3h26-j3fp
19
vulnerability VCID-s5ab-nud4-5qdg
20
vulnerability VCID-sa7x-wvn1-skh1
21
vulnerability VCID-tfmu-7tad-xbbe
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-y2bq-cb4v-mke6
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
aliases CVE-2016-7140, GHSA-chvw-gjxf-f8mc, PYSEC-2017-63
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5kaj-zugj-mbh1
15
url VCID-5tbn-qmuj-jya9
vulnerability_id VCID-5tbn-qmuj-jya9
summary Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.
references
0
reference_url http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://hyp3rlinx.altervista.org/advisories/AS-ZOPE-CSRF.txt
1
reference_url http://packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/133889/Zope-Management-Interface-4.3.7-Cross-Site-Request-Forgery.html
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7293
reference_id
reference_type
scores
0
value 0.00332
scoring_system epss
scoring_elements 0.56335
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7293
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-51.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-51.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7293
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7293
6
reference_url https://plone.org/security/hotfix/20151006
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20151006
7
reference_url https://pypi.python.org/pypi/plone4.csrffixes
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pypi.python.org/pypi/plone4.csrffixes
8
reference_url https://www.exploit-db.com/exploits/38411
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/38411
9
reference_url https://www.exploit-db.com/exploits/38411/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/38411/
10
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38411.txt
reference_id CVE-2015-7293;OSVDB-128533;OSVDB-128532
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38411.txt
fixed_packages
0
url pkg:pypi/plone@5.0a1
purl pkg:pypi/plone@5.0a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-ugq4-1vzc-6uh5
21
vulnerability VCID-w2u3-bnqq-mqfz
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-yaa8-vy4x-cqbq
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0a1
aliases CVE-2015-7293, GHSA-p3qm-44cf-f8qx, PYSEC-2017-51
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tbn-qmuj-jya9
16
url VCID-5z33-3pqj-gygw
vulnerability_id VCID-5z33-3pqj-gygw
summary Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28734
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65579
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28734
1
reference_url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
2
reference_url https://github.com/advisories/GHSA-wq6x-g685-w5f2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-wq6x-g685-w5f2
3
reference_url https://github.com/plone/Products.CMFPlone/issues/3209
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/3209
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-246.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-246.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28734
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28734
6
reference_url https://www.misakikata.com/codes/plone/python-en.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.misakikata.com/codes/plone/python-en.html
fixed_packages
0
url pkg:pypi/plone@5.2.3
purl pkg:pypi/plone@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3n34-5rm7-nbcj
1
vulnerability VCID-5e2c-6mkx-4udu
2
vulnerability VCID-9ze6-mfrw-ukdv
3
vulnerability VCID-ccuu-86vs-s3gs
4
vulnerability VCID-d68e-uehc-nudc
5
vulnerability VCID-dnu9-u6zt-c7ch
6
vulnerability VCID-pv2n-2y41-pbg5
7
vulnerability VCID-r61f-p8nh-2bax
8
vulnerability VCID-r874-3h26-j3fp
9
vulnerability VCID-sa7x-wvn1-skh1
10
vulnerability VCID-tfmu-7tad-xbbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3
aliases CVE-2020-28734, GHSA-wq6x-g685-w5f2, PYSEC-2020-246
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5z33-3pqj-gygw
17
url VCID-6898-z4k5-h3b6
vulnerability_id VCID-6898-z4k5-h3b6
summary Cross-site scripting (XSS) vulnerability in the manage_findResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the obj_ids:tokens parameter. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7140.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7147
reference_id
reference_type
scores
0
value 0.00299
scoring_system epss
scoring_elements 0.53489
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7147
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-64.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-64.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7147
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7147
4
reference_url https://plone.org/security/hotfix/20170117
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20170117
5
reference_url https://plone.org/security/hotfix/20170117/non-persistent-xss-in-zope2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20170117/non-persistent-xss-in-zope2
6
reference_url https://web.archive.org/web/20170214002551/http://www.securityfocus.com/bid/96117
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20170214002551/http://www.securityfocus.com/bid/96117
7
reference_url https://www.curesec.com/blog/article/blog/Plone-XSS-186.html
reference_id
reference_type
scores
url https://www.curesec.com/blog/article/blog/Plone-XSS-186.html
8
reference_url http://www.curesec.com/blog/article/blog/Plone-XSS-186.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.curesec.com/blog/article/blog/Plone-XSS-186.html
9
reference_url http://www.securityfocus.com/bid/96117
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96117
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-gsnt-c1cd-d3bf
15
vulnerability VCID-jn3b-smfx-87gg
16
vulnerability VCID-pv2n-2y41-pbg5
17
vulnerability VCID-r61f-p8nh-2bax
18
vulnerability VCID-r874-3h26-j3fp
19
vulnerability VCID-s5ab-nud4-5qdg
20
vulnerability VCID-sa7x-wvn1-skh1
21
vulnerability VCID-tfmu-7tad-xbbe
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-y2bq-cb4v-mke6
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
aliases CVE-2016-7147, GHSA-84jm-cpc5-c7g7, PYSEC-2017-64
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6898-z4k5-h3b6
18
url VCID-6rsz-krhe-q3gz
vulnerability_id VCID-6rsz-krhe-q3gz
summary ftp.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read hidden folder contents via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5503
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55221
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5503
1
reference_url https://github.com/advisories/GHSA-prr5-pfr8-q9f3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-prr5-pfr8-q9f3
2
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
3
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-45.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-45.yaml
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/19
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/19
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5503
reference_id CVE-2012-5503
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5503
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5503, GHSA-prr5-pfr8-q9f3, PYSEC-2014-45
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6rsz-krhe-q3gz
19
url VCID-7mc8-x346-eyaq
vulnerability_id VCID-7mc8-x346-eyaq
summary typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4193
reference_id
reference_type
scores
0
value 0.00309
scoring_system epss
scoring_elements 0.54367
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4193
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978469
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978469
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-57.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-57.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4193
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4193
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4193, GHSA-6fgf-x7wg-hp8r, PYSEC-2014-57
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7mc8-x346-eyaq
20
url VCID-83xg-a5v4-4bcw
vulnerability_id VCID-83xg-a5v4-4bcw
summary (1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) via a large zip archive, which is expanded (decompressed).
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4199
reference_id
reference_type
scores
0
value 0.0048
scoring_system epss
scoring_elements 0.65397
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4199
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978482
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978482
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-63.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-63.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4199
reference_id CVE-2013-4199
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4199
8
reference_url https://github.com/advisories/GHSA-xfjq-9rxq-ph6m
reference_id GHSA-xfjq-9rxq-ph6m
reference_type
scores
url https://github.com/advisories/GHSA-xfjq-9rxq-ph6m
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4199, GHSA-xfjq-9rxq-ph6m, PYSEC-2014-63
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-83xg-a5v4-4bcw
21
url VCID-8gk5-28z6-7bcf
vulnerability_id VCID-8gk5-28z6-7bcf
summary atat.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read private data structures via a request for a view without a name.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5505
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55221
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5505
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-47.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-47.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5505
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5505
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/21
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/21
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5505, GHSA-cq5g-924m-7fxh, PYSEC-2014-47
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8gk5-28z6-7bcf
22
url VCID-8j8e-z731-7fbz
vulnerability_id VCID-8j8e-z731-7fbz
summary Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5490
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.5217
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5490
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-32.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-32.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5490
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5490
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/06
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/06
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5490, GHSA-q46g-v7r4-9vhr, PYSEC-2014-32
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8j8e-z731-7fbz
23
url VCID-8md9-zymx-w7cn
vulnerability_id VCID-8md9-zymx-w7cn
summary membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/security/cve/CVE-2012-5497
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5497
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5497
reference_id
reference_type
scores
0
value 0.00435
scoring_system epss
scoring_elements 0.63162
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5497
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874681
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=874681
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
7
reference_url https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa
8
reference_url https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-39.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-39.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5497
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5497
11
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
12
reference_url https://plone.org/products/plone/security/advisories/20121106/13
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/13
13
reference_url https://web.archive.org/web/20131103175056/https://plone.org/products/plone/security/advisories/20121106/13
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131103175056/https://plone.org/products/plone/security/advisories/20121106/13
14
reference_url https://web.archive.org/web/20131114082527/https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131114082527/https://plone.org/products/plone-hotfix/releases/20121106
15
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5497, GHSA-683w-84m7-p8pw, PYSEC-2014-39
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8md9-zymx-w7cn
24
url VCID-8r52-vc7e-f3bc
vulnerability_id VCID-8r52-vc7e-f3bc
summary zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4191
reference_id
reference_type
scores
0
value 0.00309
scoring_system epss
scoring_elements 0.54367
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4191
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978453
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978453
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-55.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-55.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4191
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4191
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4191, GHSA-grwx-4p5v-9g2g, PYSEC-2014-55
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8r52-vc7e-f3bc
25
url VCID-99bf-ybqh-dfad
vulnerability_id VCID-99bf-ybqh-dfad
summary The batch id change script (renameObjectsByPaths.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to change the titles of content items by leveraging a valid CSRF token in a crafted request.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/security/cve/CVE-2012-5500
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5500
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5500
reference_id
reference_type
scores
0
value 0.00343
scoring_system epss
scoring_elements 0.57184
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5500
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874649
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=874649
5
reference_url https://github.com/plone/plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/plone
6
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-42.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-42.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5500
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5500
9
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
10
reference_url https://plone.org/products/plone/security/advisories/20121106/16
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/16
11
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5500, GHSA-2q75-f7cp-w86q, PYSEC-2014-42
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-99bf-ybqh-dfad
26
url VCID-9ze6-mfrw-ukdv
vulnerability_id VCID-9ze6-mfrw-ukdv
summary Plone through 5.2.4 allows XSS via the inline_diff methods in Products.CMFDiffTool.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33513
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.53803
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33513
1
reference_url https://github.com/advisories/GHSA-fj67-w3m4-rfmp
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fj67-w3m4-rfmp
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-85.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-85.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33513
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33513
5
reference_url https://plone.org/security/hotfix/20210518/xss-vulnerability-in-cmfdifftool
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/xss-vulnerability-in-cmfdifftool
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33513, GHSA-fj67-w3m4-rfmp, PYSEC-2021-85
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ze6-mfrw-ukdv
27
url VCID-a628-5uyk-w3ca
vulnerability_id VCID-a628-5uyk-w3ca
summary Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, and (3) traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4189
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.66192
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4189
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978450
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978450
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-53.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-53.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4189
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4189
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4189, GHSA-pwpq-632g-h49g, PYSEC-2014-53
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a628-5uyk-w3ca
28
url VCID-a67e-svcb-ekhc
vulnerability_id VCID-a67e-svcb-ekhc
summary Products/CMFPlone/CatalogTool.py in Plone 3.3 through 4.3.2 allows remote administrators to bypass restrictions and obtain sensitive information via an unspecified search API.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7061
reference_id
reference_type
scores
0
value 0.00259
scoring_system epss
scoring_elements 0.49424
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7061
1
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
2
reference_url https://github.com/plone/Products.CMFPlone/commit/a6a3e50f759da7e7ca46e50777a35e51f4d8ed48
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/a6a3e50f759da7e7ca46e50777a35e51f4d8ed48
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-66.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-66.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-68.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-68.yaml
5
reference_url https://plone.org/security/20131210/catalogue-exposure
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/20131210/catalogue-exposure
6
reference_url https://pypi.org/project/Products.PloneHotfix20131210
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/Products.PloneHotfix20131210
7
reference_url http://www.openwall.com/lists/oss-security/2013/12/10/15
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/12/10/15
8
reference_url http://www.openwall.com/lists/oss-security/2013/12/12/3
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/12/12/3
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7061
reference_id CVE-2013-7061
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7061
10
reference_url https://github.com/advisories/GHSA-4vr8-r7qr-fpvq
reference_id GHSA-4vr8-r7qr-fpvq
reference_type
scores
url https://github.com/advisories/GHSA-4vr8-r7qr-fpvq
fixed_packages
0
url pkg:pypi/plone@4.3.3
purl pkg:pypi/plone@4.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-d68e-uehc-nudc
15
vulnerability VCID-fga8-ymex-67fw
16
vulnerability VCID-gejv-h449-13e4
17
vulnerability VCID-gsnt-c1cd-d3bf
18
vulnerability VCID-m91w-vguw-qkem
19
vulnerability VCID-njnv-5cwt-4ygy
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r61f-p8nh-2bax
22
vulnerability VCID-r874-3h26-j3fp
23
vulnerability VCID-s5ab-nud4-5qdg
24
vulnerability VCID-sa7x-wvn1-skh1
25
vulnerability VCID-sg6k-wdwq-9bgd
26
vulnerability VCID-tfmu-7tad-xbbe
27
vulnerability VCID-ugq4-1vzc-6uh5
28
vulnerability VCID-w2u3-bnqq-mqfz
29
vulnerability VCID-wage-1bme-bkgb
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.3
aliases CVE-2013-7061, GHSA-4vr8-r7qr-fpvq, PYSEC-2014-66, PYSEC-2014-68
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a67e-svcb-ekhc
29
url VCID-bj9p-4wzt-47cf
vulnerability_id VCID-bj9p-4wzt-47cf
summary The isURLInPortal method in the URLTool class in in_portal.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 treats URLs starting with a space as a relative URL, which allows remote attackers to bypass the allow_external_login_sites filtering property, redirect users to arbitrary web sites, and conduct phishing attacks via a space before a URL in the "next" parameter to acl_users/credentials_cookie_auth/require_login.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4200
reference_id
reference_type
scores
0
value 0.05344
scoring_system epss
scoring_elements 0.90209
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4200
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4200
4
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-64.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-64.yaml
6
reference_url http://www.openwall.com/lists/oss-security/2013/08/01/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/08/01/2
7
reference_url http://www.securityfocus.com/archive/1/530787/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/530787/100/0/threaded
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4200
reference_id CVE-2013-4200
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4200
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38738.txt
reference_id CVE-2013-4200;OSVDB-95863
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/webapps/38738.txt
10
reference_url https://www.securityfocus.com/bid/61964/info
reference_id CVE-2013-4200;OSVDB-95863
reference_type exploit
scores
url https://www.securityfocus.com/bid/61964/info
11
reference_url https://github.com/advisories/GHSA-56p3-rrp4-2j82
reference_id GHSA-56p3-rrp4-2j82
reference_type
scores
url https://github.com/advisories/GHSA-56p3-rrp4-2j82
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4200, GHSA-56p3-rrp4-2j82, PYSEC-2014-64
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bj9p-4wzt-47cf
30
url VCID-ch1t-qmtc-xqfx
vulnerability_id VCID-ch1t-qmtc-xqfx
summary uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5492
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55221
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5492
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-34.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-34.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5492
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5492
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/08
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/08
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5492, GHSA-6w93-4c4p-xv2x, PYSEC-2014-34
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ch1t-qmtc-xqfx
31
url VCID-d68e-uehc-nudc
vulnerability_id VCID-d68e-uehc-nudc
summary Plone through 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33509
reference_id
reference_type
scores
0
value 0.00846
scoring_system epss
scoring_elements 0.75136
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33509
1
reference_url https://github.com/advisories/GHSA-hm2p-fhwx-9285
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hm2p-fhwx-9285
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-81.yaml
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-81.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33509
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33509
5
reference_url https://plone.org/security/hotfix/20210518/writing-arbitrary-files-via-docutils-and-python-script
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/writing-arbitrary-files-via-docutils-and-python-script
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33509, GHSA-hm2p-fhwx-9285, PYSEC-2021-81
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d68e-uehc-nudc
32
url VCID-fd6y-2fcd-jbck
vulnerability_id VCID-fd6y-2fcd-jbck
summary traverser.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers with administrator privileges to cause a denial of service (infinite loop and resource consumption) via unspecified vectors related to "retrieving information for certain resources."
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4188
reference_id
reference_type
scores
0
value 0.00564
scoring_system epss
scoring_elements 0.68724
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4188
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978449
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978449
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-52.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-52.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4188
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4188
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4188, GHSA-w3pw-qxjj-6prr, PYSEC-2014-52
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fd6y-2fcd-jbck
33
url VCID-fga8-ymex-67fw
vulnerability_id VCID-fga8-ymex-67fw
summary By linking to a specific url in Plone 2.5-5.1rc1 with a parameter, an attacker could send you to his own website. On its own this is not so bad: the attacker could more easily link directly to his own website instead. But in combination with another attack, you could be sent to the Plone login form and login, then get redirected to the specific url, and then get a second redirect to the attacker website. (The specific url can be seen by inspecting the hotfix code, but we don't want to make it too easy for attackers by spelling it out here.)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000484
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41478
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000484
1
reference_url https://github.com/advisories/GHSA-xvwv-6wvx-px9x
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-xvwv-6wvx-px9x
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/plone/Products.CMFPlone/issues/2232
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/2232
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-73.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-73.yaml
5
reference_url https://plone.org/security/hotfix/20171128/an-open-redirection-when-calling-a-specific-url
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20171128/an-open-redirection-when-calling-a-specific-url
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000484
reference_id CVE-2017-1000484
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000484
fixed_packages
0
url pkg:pypi/plone@4.3.16
purl pkg:pypi/plone@4.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5tbn-qmuj-jya9
6
vulnerability VCID-5z33-3pqj-gygw
7
vulnerability VCID-9ze6-mfrw-ukdv
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-fga8-ymex-67fw
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-gsnt-c1cd-d3bf
12
vulnerability VCID-pv2n-2y41-pbg5
13
vulnerability VCID-r61f-p8nh-2bax
14
vulnerability VCID-r874-3h26-j3fp
15
vulnerability VCID-s5ab-nud4-5qdg
16
vulnerability VCID-sa7x-wvn1-skh1
17
vulnerability VCID-tfmu-7tad-xbbe
18
vulnerability VCID-wage-1bme-bkgb
19
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16
1
url pkg:pypi/plone@5.1.0
purl pkg:pypi/plone@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5z33-3pqj-gygw
6
vulnerability VCID-9ze6-mfrw-ukdv
7
vulnerability VCID-c3we-w4qc-6fhs
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-dnu9-u6zt-c7ch
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-pv2n-2y41-pbg5
12
vulnerability VCID-r61f-p8nh-2bax
13
vulnerability VCID-r874-3h26-j3fp
14
vulnerability VCID-sa7x-wvn1-skh1
15
vulnerability VCID-tfmu-7tad-xbbe
16
vulnerability VCID-wage-1bme-bkgb
17
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0
aliases CVE-2017-1000484, GHSA-xvwv-6wvx-px9x, PYSEC-2018-73
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fga8-ymex-67fw
34
url VCID-gejv-h449-13e4
vulnerability_id VCID-gejv-h449-13e4
summary An open redirect on the login form (and possibly other places) in Plone 4.0 through 5.2.1 allows an attacker to craft a link to a Plone Site that, when followed, and possibly after login, will redirect to an attacker's site.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7936
reference_id
reference_type
scores
0
value 0.0034
scoring_system epss
scoring_elements 0.56966
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7936
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-85.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-85.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7936
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7936
4
reference_url https://plone.org/security/hotfix/20200121
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20200121
5
reference_url https://plone.org/security/hotfix/20200121/an-open-redirection-on-the-login-form-and-possibly-other-places
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20200121/an-open-redirection-on-the-login-form-and-possibly-other-places
6
reference_url https://www.openwall.com/lists/oss-security/2020/01/22/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/01/22/1
7
reference_url http://www.openwall.com/lists/oss-security/2020/01/24/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/01/24/1
fixed_packages
0
url pkg:pypi/plone@4.3.20
purl pkg:pypi/plone@4.3.20
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5tbn-qmuj-jya9
6
vulnerability VCID-5z33-3pqj-gygw
7
vulnerability VCID-9ze6-mfrw-ukdv
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-fga8-ymex-67fw
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-gsnt-c1cd-d3bf
12
vulnerability VCID-pv2n-2y41-pbg5
13
vulnerability VCID-r61f-p8nh-2bax
14
vulnerability VCID-r874-3h26-j3fp
15
vulnerability VCID-s5ab-nud4-5qdg
16
vulnerability VCID-sa7x-wvn1-skh1
17
vulnerability VCID-tfmu-7tad-xbbe
18
vulnerability VCID-va5s-rj6t-53a4
19
vulnerability VCID-wage-1bme-bkgb
20
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.20
1
url pkg:pypi/plone@5.1.7
purl pkg:pypi/plone@5.1.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5z33-3pqj-gygw
6
vulnerability VCID-9ze6-mfrw-ukdv
7
vulnerability VCID-c3we-w4qc-6fhs
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-dnu9-u6zt-c7ch
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-pv2n-2y41-pbg5
12
vulnerability VCID-r61f-p8nh-2bax
13
vulnerability VCID-r874-3h26-j3fp
14
vulnerability VCID-sa7x-wvn1-skh1
15
vulnerability VCID-tfmu-7tad-xbbe
16
vulnerability VCID-wage-1bme-bkgb
17
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.7
2
url pkg:pypi/plone@5.2.2
purl pkg:pypi/plone@5.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-36xh-ua3s-gyfr
1
vulnerability VCID-3n34-5rm7-nbcj
2
vulnerability VCID-5e2c-6mkx-4udu
3
vulnerability VCID-5z33-3pqj-gygw
4
vulnerability VCID-9ze6-mfrw-ukdv
5
vulnerability VCID-d68e-uehc-nudc
6
vulnerability VCID-dnu9-u6zt-c7ch
7
vulnerability VCID-pv2n-2y41-pbg5
8
vulnerability VCID-r61f-p8nh-2bax
9
vulnerability VCID-r874-3h26-j3fp
10
vulnerability VCID-sa7x-wvn1-skh1
11
vulnerability VCID-tfmu-7tad-xbbe
12
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.2
aliases CVE-2020-7936, GHSA-82j9-wfcf-9v2h, PYSEC-2020-85
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gejv-h449-13e4
35
url VCID-gsnt-c1cd-d3bf
vulnerability_id VCID-gsnt-c1cd-d3bf
summary Plone 3.3 through 5.1a1 allows remote attackers to obtain information about the ID of sensitive content via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4042
reference_id
reference_type
scores
0
value 0.0023
scoring_system epss
scoring_elements 0.45904
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4042
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-56.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-56.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4042
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4042
4
reference_url https://plone.org/security/hotfix/20160419/unauthorized-disclosure-of-site-content
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20160419/unauthorized-disclosure-of-site-content
5
reference_url http://www.openwall.com/lists/oss-security/2016/04/20/2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/04/20/2
fixed_packages
0
url pkg:pypi/plone@4.3.10
purl pkg:pypi/plone@4.3.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-9ze6-mfrw-ukdv
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pv2n-2y41-pbg5
20
vulnerability VCID-r61f-p8nh-2bax
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-wage-1bme-bkgb
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.10
1
url pkg:pypi/plone@5.0.5
purl pkg:pypi/plone@5.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-c3we-w4qc-6fhs
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-dnu9-u6zt-c7ch
15
vulnerability VCID-fga8-ymex-67fw
16
vulnerability VCID-gejv-h449-13e4
17
vulnerability VCID-gsnt-c1cd-d3bf
18
vulnerability VCID-jn3b-smfx-87gg
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pv2n-2y41-pbg5
22
vulnerability VCID-r61f-p8nh-2bax
23
vulnerability VCID-r874-3h26-j3fp
24
vulnerability VCID-s5ab-nud4-5qdg
25
vulnerability VCID-sa7x-wvn1-skh1
26
vulnerability VCID-sg6k-wdwq-9bgd
27
vulnerability VCID-tfmu-7tad-xbbe
28
vulnerability VCID-ugq4-1vzc-6uh5
29
vulnerability VCID-wage-1bme-bkgb
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-ymbd-m6tf-5bap
32
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.5
2
url pkg:pypi/plone@5.1a2
purl pkg:pypi/plone@5.1a2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-sa7x-wvn1-skh1
18
vulnerability VCID-tfmu-7tad-xbbe
19
vulnerability VCID-ugq4-1vzc-6uh5
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1a2
aliases CVE-2016-4042, GHSA-v4vj-49m5-wjhw, PYSEC-2017-56
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gsnt-c1cd-d3bf
36
url VCID-hzgj-wca9-z3d1
vulnerability_id VCID-hzgj-wca9-z3d1
summary queryCatalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to bypass caching and cause a denial of service via a crafted request to a collection.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5498
reference_id
reference_type
scores
0
value 0.01001
scoring_system epss
scoring_elements 0.77305
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5498
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874665
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=874665
4
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
5
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-40.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-40.yaml
7
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
8
reference_url https://plone.org/products/plone/security/advisories/20121106/14
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/14
9
reference_url https://web.archive.org/web/20130528001715/https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20130528001715/https://plone.org/products/plone-hotfix/releases/20121106
10
reference_url https://web.archive.org/web/20131103191705/https://plone.org/products/plone/security/advisories/20121106/14
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20131103191705/https://plone.org/products/plone/security/advisories/20121106/14
11
reference_url http://www.openwall.com/lists/oss-security/2012/11/09/7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/09/7
12
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
13
reference_url https://access.redhat.com/security/cve/CVE-2012-5498
reference_id CVE-2012-5498
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5498
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5498
reference_id CVE-2012-5498
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5498
15
reference_url https://github.com/advisories/GHSA-97rj-p794-wq6m
reference_id GHSA-97rj-p794-wq6m
reference_type
scores
url https://github.com/advisories/GHSA-97rj-p794-wq6m
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5498, GHSA-97rj-p794-wq6m, PYSEC-2014-40
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hzgj-wca9-z3d1
37
url VCID-jhc2-yux7-vybj
vulnerability_id VCID-jhc2-yux7-vybj
summary python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to "go_back."
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5495
reference_id
reference_type
scores
0
value 0.00638
scoring_system epss
scoring_elements 0.70824
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5495
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-37.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-37.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5495
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5495
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/11
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/11
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5495, GHSA-w6pw-5gh5-4952, PYSEC-2014-37
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jhc2-yux7-vybj
38
url VCID-k34d-p9vb-g7by
vulnerability_id VCID-k34d-p9vb-g7by
summary The error pages in Plone before 4.2.3 and 4.3 before beta 1 allow remote attackers to obtain random numbers and derive the PRNG state for password resets via unspecified vectors. NOTE: this identifier was SPLIT per ADT2 due to different vulnerability types. CVE-2012-6661 was assigned for the PRNG reseeding issue in Zope.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5508
reference_id
reference_type
scores
0
value 0.00357
scoring_system epss
scoring_elements 0.58221
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5508
1
reference_url https://bugs.launchpad.net/zope2/+bug/1071067
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1071067
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-50.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-50.yaml
5
reference_url https://plone.org/products/plone-hotfix/releases/20121124
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121124
6
reference_url https://plone.org/products/plone/security/advisories/20121106/24
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/24
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5508
reference_id CVE-2012-5508
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5508
9
reference_url https://github.com/advisories/GHSA-wprr-mc54-c62q
reference_id GHSA-wprr-mc54-c62q
reference_type
scores
url https://github.com/advisories/GHSA-wprr-mc54-c62q
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5508, GHSA-wprr-mc54-c62q, PYSEC-2014-50
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k34d-p9vb-g7by
39
url VCID-kak6-5sps-z3da
vulnerability_id VCID-kak6-5sps-z3da
summary python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/security/cve/CVE-2012-5488
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5488
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5488
reference_id
reference_type
scores
0
value 0.0064
scoring_system epss
scoring_elements 0.70887
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5488
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878945
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=878945
5
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
6
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
7
reference_url https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/a9479a5b38646fe0b0a9066ee46de9c18de32bfa
8
reference_url https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/c3a98f4e6cf26501485de9c8354c49afdea21df8
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-30.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-30.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5488
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5488
11
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
12
reference_url https://plone.org/products/plone/security/advisories/20121106/04
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/04
13
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5488, GHSA-cxw7-85xm-3xrc, PYSEC-2014-30
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kak6-5sps-z3da
40
url VCID-kmd1-vu9u-d7g4
vulnerability_id VCID-kmd1-vu9u-d7g4
summary plone.app.users in Plone 4.0 and 4.1 allows remote authenticated users to modify the properties of arbitrary accounts via unspecified vectors, as exploited in the wild in June 2011.
references
0
reference_url http://osvdb.org/72729
reference_id
reference_type
scores
url http://osvdb.org/72729
1
reference_url http://plone.org/products/plone/security/advisories/CVE-2011-1950
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/CVE-2011-1950
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1950
reference_id
reference_type
scores
0
value 0.00762
scoring_system epss
scoring_elements 0.73669
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1950
3
reference_url http://secunia.com/advisories/44775
reference_id
reference_type
scores
url http://secunia.com/advisories/44775
4
reference_url http://securityreason.com/securityalert/8269
reference_id
reference_type
scores
url http://securityreason.com/securityalert/8269
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/67695
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/67695
6
reference_url https://github.com/advisories/GHSA-2qx8-589j-gcpx
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-2qx8-589j-gcpx
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-16.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-16.yaml
8
reference_url http://www.securityfocus.com/archive/1/518155/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/518155/100/0/threaded
9
reference_url http://www.securityfocus.com/bid/48005
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/48005
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-1950
reference_id CVE-2011-1950
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-1950
fixed_packages
0
url pkg:pypi/plone@4.0.6
purl pkg:pypi/plone@4.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4bjr-mjug-gqd2
9
vulnerability VCID-4hzn-mj8g-37ew
10
vulnerability VCID-4xdg-1sku-17cd
11
vulnerability VCID-4ym2-39bg-dbga
12
vulnerability VCID-5bnw-ktd3-8qeb
13
vulnerability VCID-5e2c-6mkx-4udu
14
vulnerability VCID-5kaj-zugj-mbh1
15
vulnerability VCID-5tbn-qmuj-jya9
16
vulnerability VCID-5z33-3pqj-gygw
17
vulnerability VCID-6898-z4k5-h3b6
18
vulnerability VCID-6rsz-krhe-q3gz
19
vulnerability VCID-7mc8-x346-eyaq
20
vulnerability VCID-83xg-a5v4-4bcw
21
vulnerability VCID-8gk5-28z6-7bcf
22
vulnerability VCID-8j8e-z731-7fbz
23
vulnerability VCID-8md9-zymx-w7cn
24
vulnerability VCID-8r52-vc7e-f3bc
25
vulnerability VCID-99bf-ybqh-dfad
26
vulnerability VCID-9ze6-mfrw-ukdv
27
vulnerability VCID-a628-5uyk-w3ca
28
vulnerability VCID-a67e-svcb-ekhc
29
vulnerability VCID-bj9p-4wzt-47cf
30
vulnerability VCID-ch1t-qmtc-xqfx
31
vulnerability VCID-d68e-uehc-nudc
32
vulnerability VCID-fd6y-2fcd-jbck
33
vulnerability VCID-fga8-ymex-67fw
34
vulnerability VCID-gejv-h449-13e4
35
vulnerability VCID-gsnt-c1cd-d3bf
36
vulnerability VCID-hzgj-wca9-z3d1
37
vulnerability VCID-jhc2-yux7-vybj
38
vulnerability VCID-k34d-p9vb-g7by
39
vulnerability VCID-kak6-5sps-z3da
40
vulnerability VCID-kmd1-vu9u-d7g4
41
vulnerability VCID-kvvr-zc1s-akhn
42
vulnerability VCID-m91w-vguw-qkem
43
vulnerability VCID-mgpa-1taj-pycj
44
vulnerability VCID-njnv-5cwt-4ygy
45
vulnerability VCID-pn5z-xdcd-zqd5
46
vulnerability VCID-pncb-4m8u-hbaw
47
vulnerability VCID-pv2n-2y41-pbg5
48
vulnerability VCID-qkv2-qpe2-97cx
49
vulnerability VCID-qskf-bt81-5bbe
50
vulnerability VCID-r874-3h26-j3fp
51
vulnerability VCID-rn4s-px1y-7fbc
52
vulnerability VCID-s5ab-nud4-5qdg
53
vulnerability VCID-sa7x-wvn1-skh1
54
vulnerability VCID-scgs-bz44-ebfk
55
vulnerability VCID-swq8-17qu-vyfw
56
vulnerability VCID-tfmu-7tad-xbbe
57
vulnerability VCID-u1hz-5a2a-ybac
58
vulnerability VCID-uduq-ujbb-6qd2
59
vulnerability VCID-ugq4-1vzc-6uh5
60
vulnerability VCID-uv7n-awe5-2fav
61
vulnerability VCID-vc1v-xsbc-kff1
62
vulnerability VCID-w2u3-bnqq-mqfz
63
vulnerability VCID-wage-1bme-bkgb
64
vulnerability VCID-xa5e-bbcv-byg9
65
vulnerability VCID-xksv-mub7-dyck
66
vulnerability VCID-xpjk-k6tj-2uba
67
vulnerability VCID-y2bq-cb4v-mke6
68
vulnerability VCID-yaa8-vy4x-cqbq
69
vulnerability VCID-ykg2-qbyr-ayd5
70
vulnerability VCID-ymbd-m6tf-5bap
71
vulnerability VCID-z8kt-tf38-eqgc
72
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.6
1
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
aliases CVE-2011-1950, GHSA-2qx8-589j-gcpx, PYSEC-2011-16
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kmd1-vu9u-d7g4
41
url VCID-kvvr-zc1s-akhn
vulnerability_id VCID-kvvr-zc1s-akhn
summary The sandbox whitelisting function (allowmodule.py) in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5487
reference_id
reference_type
scores
0
value 0.00656
scoring_system epss
scoring_elements 0.71361
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5487
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-29.yaml
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-29.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5487
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5487
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/03
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/03
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value 6.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5487, GHSA-9m4g-f42q-vrrh, PYSEC-2014-29
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kvvr-zc1s-akhn
42
url VCID-m91w-vguw-qkem
vulnerability_id VCID-m91w-vguw-qkem
summary Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
references
0
reference_url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7138
reference_id
reference_type
scores
0
value 0.00491
scoring_system epss
scoring_elements 0.65908
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7138
2
reference_url http://seclists.org/fulldisclosure/2016/Oct/80
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Oct/80
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml
5
reference_url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1
6
reference_url https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
7
reference_url https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
8
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/4
9
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/5
10
reference_url http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/539572/100/0/threaded
11
reference_url http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92752
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7138
reference_id CVE-2016-7138
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7138
13
reference_url https://github.com/advisories/GHSA-v3hp-f8qr-cf3p
reference_id GHSA-v3hp-f8qr-cf3p
reference_type
scores
url https://github.com/advisories/GHSA-v3hp-f8qr-cf3p
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-gsnt-c1cd-d3bf
15
vulnerability VCID-jn3b-smfx-87gg
16
vulnerability VCID-pv2n-2y41-pbg5
17
vulnerability VCID-r61f-p8nh-2bax
18
vulnerability VCID-r874-3h26-j3fp
19
vulnerability VCID-s5ab-nud4-5qdg
20
vulnerability VCID-sa7x-wvn1-skh1
21
vulnerability VCID-tfmu-7tad-xbbe
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-y2bq-cb4v-mke6
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
aliases CVE-2016-7138, GHSA-v3hp-f8qr-cf3p, PYSEC-2017-61
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m91w-vguw-qkem
43
url VCID-mgpa-1taj-pycj
vulnerability_id VCID-mgpa-1taj-pycj
summary at_download.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read arbitrary BLOBs (Files and Images) stored on custom content types via a crafted URL.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5501
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55221
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5501
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-43.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-43.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5501
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5501
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/17
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/17
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5501, GHSA-pvhv-qwc8-r2pg, PYSEC-2014-43
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgpa-1taj-pycj
44
url VCID-njnv-5cwt-4ygy
vulnerability_id VCID-njnv-5cwt-4ygy
summary Multiple open redirect vulnerabilities in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referer parameter to (1) %2b%2bgroupdashboard%2b%2bplone.dashboard1%2bgroup/%2b/portlets.Actions or (2) folder/%2b%2bcontextportlets%2b%2bplone.footerportlets/%2b /portlets.Actions or the (3) came_from parameter to /login_form.
references
0
reference_url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7137
reference_id
reference_type
scores
0
value 0.00477
scoring_system epss
scoring_elements 0.65213
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7137
2
reference_url http://seclists.org/fulldisclosure/2016/Oct/80
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Oct/80
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-60.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-60.yaml
5
reference_url https://plone.org/security/hotfix/20160830/open-redirection-in-plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20160830/open-redirection-in-plone
6
reference_url https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752
7
reference_url https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded
8
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/4
9
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/5
10
reference_url http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/539572/100/0/threaded
11
reference_url http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92752
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7137
reference_id CVE-2016-7137
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7137
13
reference_url https://github.com/advisories/GHSA-69vh-662j-v988
reference_id GHSA-69vh-662j-v988
reference_type
scores
url https://github.com/advisories/GHSA-69vh-662j-v988
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-gsnt-c1cd-d3bf
15
vulnerability VCID-jn3b-smfx-87gg
16
vulnerability VCID-pv2n-2y41-pbg5
17
vulnerability VCID-r61f-p8nh-2bax
18
vulnerability VCID-r874-3h26-j3fp
19
vulnerability VCID-s5ab-nud4-5qdg
20
vulnerability VCID-sa7x-wvn1-skh1
21
vulnerability VCID-tfmu-7tad-xbbe
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-y2bq-cb4v-mke6
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
aliases CVE-2016-7137, GHSA-69vh-662j-v988, PYSEC-2017-60
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-njnv-5cwt-4ygy
45
url VCID-pn5z-xdcd-zqd5
vulnerability_id VCID-pn5z-xdcd-zqd5
summary Multiple cross-site scripting (XSS) vulnerabilities in Zope, as used in Plone 3.3.x through 3.3.6, 4.0.x through 4.0.9, 4.1.x through 4.1.6, 4.2.x through 4.2.7, and 4.3 through 4.3.2, allow remote attackers to inject arbitrary web script or HTML via unspecified input in the (1) browser_id_manager or (2) OFS.Image method.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7062
reference_id
reference_type
scores
0
value 0.00763
scoring_system epss
scoring_elements 0.73717
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7062
1
reference_url http://seclists.org/oss-sec/2013/q4/467
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q4/467
2
reference_url http://seclists.org/oss-sec/2013/q4/485
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q4/485
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/89623
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/89623
4
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/89627
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/89627
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-218.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-218.yaml
7
reference_url https://plone.org/security/20131210/zope-xss-in-browseridmanager
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/20131210/zope-xss-in-browseridmanager
8
reference_url https://plone.org/security/20131210/zope-xss-in-OFS
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/20131210/zope-xss-in-OFS
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7062
reference_id CVE-2013-7062
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7062
10
reference_url https://github.com/advisories/GHSA-4793-w44w-m7xm
reference_id GHSA-4793-w44w-m7xm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4793-w44w-m7xm
fixed_packages
0
url pkg:pypi/plone@4.0.9
purl pkg:pypi/plone@4.0.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4bjr-mjug-gqd2
9
vulnerability VCID-4hzn-mj8g-37ew
10
vulnerability VCID-4xdg-1sku-17cd
11
vulnerability VCID-4ym2-39bg-dbga
12
vulnerability VCID-5bnw-ktd3-8qeb
13
vulnerability VCID-5e2c-6mkx-4udu
14
vulnerability VCID-5kaj-zugj-mbh1
15
vulnerability VCID-5tbn-qmuj-jya9
16
vulnerability VCID-5z33-3pqj-gygw
17
vulnerability VCID-6898-z4k5-h3b6
18
vulnerability VCID-6rsz-krhe-q3gz
19
vulnerability VCID-7mc8-x346-eyaq
20
vulnerability VCID-83xg-a5v4-4bcw
21
vulnerability VCID-8gk5-28z6-7bcf
22
vulnerability VCID-8j8e-z731-7fbz
23
vulnerability VCID-8md9-zymx-w7cn
24
vulnerability VCID-8r52-vc7e-f3bc
25
vulnerability VCID-99bf-ybqh-dfad
26
vulnerability VCID-9ze6-mfrw-ukdv
27
vulnerability VCID-a628-5uyk-w3ca
28
vulnerability VCID-a67e-svcb-ekhc
29
vulnerability VCID-bj9p-4wzt-47cf
30
vulnerability VCID-ch1t-qmtc-xqfx
31
vulnerability VCID-d68e-uehc-nudc
32
vulnerability VCID-fd6y-2fcd-jbck
33
vulnerability VCID-fga8-ymex-67fw
34
vulnerability VCID-gejv-h449-13e4
35
vulnerability VCID-gsnt-c1cd-d3bf
36
vulnerability VCID-hzgj-wca9-z3d1
37
vulnerability VCID-jhc2-yux7-vybj
38
vulnerability VCID-k34d-p9vb-g7by
39
vulnerability VCID-kak6-5sps-z3da
40
vulnerability VCID-kmd1-vu9u-d7g4
41
vulnerability VCID-kvvr-zc1s-akhn
42
vulnerability VCID-m91w-vguw-qkem
43
vulnerability VCID-mgpa-1taj-pycj
44
vulnerability VCID-njnv-5cwt-4ygy
45
vulnerability VCID-pn5z-xdcd-zqd5
46
vulnerability VCID-pncb-4m8u-hbaw
47
vulnerability VCID-pv2n-2y41-pbg5
48
vulnerability VCID-qkv2-qpe2-97cx
49
vulnerability VCID-qskf-bt81-5bbe
50
vulnerability VCID-r874-3h26-j3fp
51
vulnerability VCID-rn4s-px1y-7fbc
52
vulnerability VCID-s5ab-nud4-5qdg
53
vulnerability VCID-sa7x-wvn1-skh1
54
vulnerability VCID-scgs-bz44-ebfk
55
vulnerability VCID-swq8-17qu-vyfw
56
vulnerability VCID-tfmu-7tad-xbbe
57
vulnerability VCID-u1hz-5a2a-ybac
58
vulnerability VCID-uduq-ujbb-6qd2
59
vulnerability VCID-ugq4-1vzc-6uh5
60
vulnerability VCID-uv7n-awe5-2fav
61
vulnerability VCID-vc1v-xsbc-kff1
62
vulnerability VCID-w2u3-bnqq-mqfz
63
vulnerability VCID-wage-1bme-bkgb
64
vulnerability VCID-xa5e-bbcv-byg9
65
vulnerability VCID-xksv-mub7-dyck
66
vulnerability VCID-xpjk-k6tj-2uba
67
vulnerability VCID-y2bq-cb4v-mke6
68
vulnerability VCID-yaa8-vy4x-cqbq
69
vulnerability VCID-ykg2-qbyr-ayd5
70
vulnerability VCID-ymbd-m6tf-5bap
71
vulnerability VCID-z8kt-tf38-eqgc
72
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.9
1
url pkg:pypi/plone@4.0.10
purl pkg:pypi/plone@4.0.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4bjr-mjug-gqd2
9
vulnerability VCID-4hzn-mj8g-37ew
10
vulnerability VCID-4xdg-1sku-17cd
11
vulnerability VCID-4ym2-39bg-dbga
12
vulnerability VCID-5bnw-ktd3-8qeb
13
vulnerability VCID-5e2c-6mkx-4udu
14
vulnerability VCID-5kaj-zugj-mbh1
15
vulnerability VCID-5tbn-qmuj-jya9
16
vulnerability VCID-5z33-3pqj-gygw
17
vulnerability VCID-6898-z4k5-h3b6
18
vulnerability VCID-6rsz-krhe-q3gz
19
vulnerability VCID-7mc8-x346-eyaq
20
vulnerability VCID-83xg-a5v4-4bcw
21
vulnerability VCID-8gk5-28z6-7bcf
22
vulnerability VCID-8j8e-z731-7fbz
23
vulnerability VCID-8md9-zymx-w7cn
24
vulnerability VCID-8r52-vc7e-f3bc
25
vulnerability VCID-99bf-ybqh-dfad
26
vulnerability VCID-9ze6-mfrw-ukdv
27
vulnerability VCID-a628-5uyk-w3ca
28
vulnerability VCID-a67e-svcb-ekhc
29
vulnerability VCID-bj9p-4wzt-47cf
30
vulnerability VCID-ch1t-qmtc-xqfx
31
vulnerability VCID-d68e-uehc-nudc
32
vulnerability VCID-fd6y-2fcd-jbck
33
vulnerability VCID-fga8-ymex-67fw
34
vulnerability VCID-gejv-h449-13e4
35
vulnerability VCID-gsnt-c1cd-d3bf
36
vulnerability VCID-hzgj-wca9-z3d1
37
vulnerability VCID-jhc2-yux7-vybj
38
vulnerability VCID-k34d-p9vb-g7by
39
vulnerability VCID-kak6-5sps-z3da
40
vulnerability VCID-kmd1-vu9u-d7g4
41
vulnerability VCID-kvvr-zc1s-akhn
42
vulnerability VCID-m91w-vguw-qkem
43
vulnerability VCID-mgpa-1taj-pycj
44
vulnerability VCID-njnv-5cwt-4ygy
45
vulnerability VCID-pncb-4m8u-hbaw
46
vulnerability VCID-pv2n-2y41-pbg5
47
vulnerability VCID-qkv2-qpe2-97cx
48
vulnerability VCID-qskf-bt81-5bbe
49
vulnerability VCID-r874-3h26-j3fp
50
vulnerability VCID-rn4s-px1y-7fbc
51
vulnerability VCID-s5ab-nud4-5qdg
52
vulnerability VCID-sa7x-wvn1-skh1
53
vulnerability VCID-scgs-bz44-ebfk
54
vulnerability VCID-swq8-17qu-vyfw
55
vulnerability VCID-tfmu-7tad-xbbe
56
vulnerability VCID-u1hz-5a2a-ybac
57
vulnerability VCID-uduq-ujbb-6qd2
58
vulnerability VCID-ugq4-1vzc-6uh5
59
vulnerability VCID-uv7n-awe5-2fav
60
vulnerability VCID-vc1v-xsbc-kff1
61
vulnerability VCID-w2u3-bnqq-mqfz
62
vulnerability VCID-wage-1bme-bkgb
63
vulnerability VCID-xa5e-bbcv-byg9
64
vulnerability VCID-xksv-mub7-dyck
65
vulnerability VCID-xpjk-k6tj-2uba
66
vulnerability VCID-y2bq-cb4v-mke6
67
vulnerability VCID-yaa8-vy4x-cqbq
68
vulnerability VCID-ykg2-qbyr-ayd5
69
vulnerability VCID-ymbd-m6tf-5bap
70
vulnerability VCID-z8kt-tf38-eqgc
71
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.10
2
url pkg:pypi/plone@4.1.6
purl pkg:pypi/plone@4.1.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5e2c-6mkx-4udu
11
vulnerability VCID-5kaj-zugj-mbh1
12
vulnerability VCID-5tbn-qmuj-jya9
13
vulnerability VCID-5z33-3pqj-gygw
14
vulnerability VCID-6898-z4k5-h3b6
15
vulnerability VCID-6rsz-krhe-q3gz
16
vulnerability VCID-8gk5-28z6-7bcf
17
vulnerability VCID-8j8e-z731-7fbz
18
vulnerability VCID-8md9-zymx-w7cn
19
vulnerability VCID-99bf-ybqh-dfad
20
vulnerability VCID-9ze6-mfrw-ukdv
21
vulnerability VCID-a67e-svcb-ekhc
22
vulnerability VCID-ch1t-qmtc-xqfx
23
vulnerability VCID-d68e-uehc-nudc
24
vulnerability VCID-fga8-ymex-67fw
25
vulnerability VCID-gejv-h449-13e4
26
vulnerability VCID-gsnt-c1cd-d3bf
27
vulnerability VCID-hzgj-wca9-z3d1
28
vulnerability VCID-jhc2-yux7-vybj
29
vulnerability VCID-k34d-p9vb-g7by
30
vulnerability VCID-kak6-5sps-z3da
31
vulnerability VCID-kvvr-zc1s-akhn
32
vulnerability VCID-m91w-vguw-qkem
33
vulnerability VCID-mgpa-1taj-pycj
34
vulnerability VCID-njnv-5cwt-4ygy
35
vulnerability VCID-pn5z-xdcd-zqd5
36
vulnerability VCID-pncb-4m8u-hbaw
37
vulnerability VCID-pv2n-2y41-pbg5
38
vulnerability VCID-r874-3h26-j3fp
39
vulnerability VCID-s5ab-nud4-5qdg
40
vulnerability VCID-sa7x-wvn1-skh1
41
vulnerability VCID-scgs-bz44-ebfk
42
vulnerability VCID-tfmu-7tad-xbbe
43
vulnerability VCID-u1hz-5a2a-ybac
44
vulnerability VCID-uduq-ujbb-6qd2
45
vulnerability VCID-ugq4-1vzc-6uh5
46
vulnerability VCID-vc1v-xsbc-kff1
47
vulnerability VCID-w2u3-bnqq-mqfz
48
vulnerability VCID-wage-1bme-bkgb
49
vulnerability VCID-xa5e-bbcv-byg9
50
vulnerability VCID-xksv-mub7-dyck
51
vulnerability VCID-xpjk-k6tj-2uba
52
vulnerability VCID-y2bq-cb4v-mke6
53
vulnerability VCID-yaa8-vy4x-cqbq
54
vulnerability VCID-ymbd-m6tf-5bap
55
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.6
3
url pkg:pypi/plone@4.2a1
purl pkg:pypi/plone@4.2a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4hzn-mj8g-37ew
8
vulnerability VCID-4ym2-39bg-dbga
9
vulnerability VCID-5e2c-6mkx-4udu
10
vulnerability VCID-5kaj-zugj-mbh1
11
vulnerability VCID-5tbn-qmuj-jya9
12
vulnerability VCID-5z33-3pqj-gygw
13
vulnerability VCID-6898-z4k5-h3b6
14
vulnerability VCID-6rsz-krhe-q3gz
15
vulnerability VCID-8gk5-28z6-7bcf
16
vulnerability VCID-8j8e-z731-7fbz
17
vulnerability VCID-8md9-zymx-w7cn
18
vulnerability VCID-99bf-ybqh-dfad
19
vulnerability VCID-9ze6-mfrw-ukdv
20
vulnerability VCID-a67e-svcb-ekhc
21
vulnerability VCID-ch1t-qmtc-xqfx
22
vulnerability VCID-d68e-uehc-nudc
23
vulnerability VCID-fga8-ymex-67fw
24
vulnerability VCID-gejv-h449-13e4
25
vulnerability VCID-gsnt-c1cd-d3bf
26
vulnerability VCID-hzgj-wca9-z3d1
27
vulnerability VCID-jhc2-yux7-vybj
28
vulnerability VCID-k34d-p9vb-g7by
29
vulnerability VCID-kak6-5sps-z3da
30
vulnerability VCID-kvvr-zc1s-akhn
31
vulnerability VCID-m91w-vguw-qkem
32
vulnerability VCID-mgpa-1taj-pycj
33
vulnerability VCID-njnv-5cwt-4ygy
34
vulnerability VCID-pncb-4m8u-hbaw
35
vulnerability VCID-pv2n-2y41-pbg5
36
vulnerability VCID-r874-3h26-j3fp
37
vulnerability VCID-rv8k-q8hx-7yeb
38
vulnerability VCID-s5ab-nud4-5qdg
39
vulnerability VCID-sa7x-wvn1-skh1
40
vulnerability VCID-scgs-bz44-ebfk
41
vulnerability VCID-tfmu-7tad-xbbe
42
vulnerability VCID-u1hz-5a2a-ybac
43
vulnerability VCID-uduq-ujbb-6qd2
44
vulnerability VCID-ugq4-1vzc-6uh5
45
vulnerability VCID-vc1v-xsbc-kff1
46
vulnerability VCID-w2u3-bnqq-mqfz
47
vulnerability VCID-wage-1bme-bkgb
48
vulnerability VCID-xa5e-bbcv-byg9
49
vulnerability VCID-xksv-mub7-dyck
50
vulnerability VCID-xpjk-k6tj-2uba
51
vulnerability VCID-y2bq-cb4v-mke6
52
vulnerability VCID-ymbd-m6tf-5bap
53
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a1
4
url pkg:pypi/plone@4.3a1
purl pkg:pypi/plone@4.3a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5e2c-6mkx-4udu
11
vulnerability VCID-5kaj-zugj-mbh1
12
vulnerability VCID-5tbn-qmuj-jya9
13
vulnerability VCID-5z33-3pqj-gygw
14
vulnerability VCID-6898-z4k5-h3b6
15
vulnerability VCID-6rsz-krhe-q3gz
16
vulnerability VCID-8gk5-28z6-7bcf
17
vulnerability VCID-8j8e-z731-7fbz
18
vulnerability VCID-8md9-zymx-w7cn
19
vulnerability VCID-99bf-ybqh-dfad
20
vulnerability VCID-9ze6-mfrw-ukdv
21
vulnerability VCID-a67e-svcb-ekhc
22
vulnerability VCID-ch1t-qmtc-xqfx
23
vulnerability VCID-d68e-uehc-nudc
24
vulnerability VCID-fga8-ymex-67fw
25
vulnerability VCID-gejv-h449-13e4
26
vulnerability VCID-gsnt-c1cd-d3bf
27
vulnerability VCID-hzgj-wca9-z3d1
28
vulnerability VCID-jhc2-yux7-vybj
29
vulnerability VCID-k34d-p9vb-g7by
30
vulnerability VCID-kak6-5sps-z3da
31
vulnerability VCID-kvvr-zc1s-akhn
32
vulnerability VCID-m91w-vguw-qkem
33
vulnerability VCID-mgpa-1taj-pycj
34
vulnerability VCID-njnv-5cwt-4ygy
35
vulnerability VCID-pncb-4m8u-hbaw
36
vulnerability VCID-pv2n-2y41-pbg5
37
vulnerability VCID-r874-3h26-j3fp
38
vulnerability VCID-s5ab-nud4-5qdg
39
vulnerability VCID-sa7x-wvn1-skh1
40
vulnerability VCID-scgs-bz44-ebfk
41
vulnerability VCID-sg6k-wdwq-9bgd
42
vulnerability VCID-tfmu-7tad-xbbe
43
vulnerability VCID-u1hz-5a2a-ybac
44
vulnerability VCID-uduq-ujbb-6qd2
45
vulnerability VCID-ugq4-1vzc-6uh5
46
vulnerability VCID-vc1v-xsbc-kff1
47
vulnerability VCID-w2u3-bnqq-mqfz
48
vulnerability VCID-wage-1bme-bkgb
49
vulnerability VCID-xa5e-bbcv-byg9
50
vulnerability VCID-xksv-mub7-dyck
51
vulnerability VCID-xpjk-k6tj-2uba
52
vulnerability VCID-y2bq-cb4v-mke6
53
vulnerability VCID-ymbd-m6tf-5bap
54
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3a1
5
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
6
url pkg:pypi/plone@4.3.3
purl pkg:pypi/plone@4.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-d68e-uehc-nudc
15
vulnerability VCID-fga8-ymex-67fw
16
vulnerability VCID-gejv-h449-13e4
17
vulnerability VCID-gsnt-c1cd-d3bf
18
vulnerability VCID-m91w-vguw-qkem
19
vulnerability VCID-njnv-5cwt-4ygy
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r61f-p8nh-2bax
22
vulnerability VCID-r874-3h26-j3fp
23
vulnerability VCID-s5ab-nud4-5qdg
24
vulnerability VCID-sa7x-wvn1-skh1
25
vulnerability VCID-sg6k-wdwq-9bgd
26
vulnerability VCID-tfmu-7tad-xbbe
27
vulnerability VCID-ugq4-1vzc-6uh5
28
vulnerability VCID-w2u3-bnqq-mqfz
29
vulnerability VCID-wage-1bme-bkgb
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.3
aliases CVE-2013-7062, GHSA-4793-w44w-m7xm, PYSEC-2020-218
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pn5z-xdcd-zqd5
46
url VCID-pncb-4m8u-hbaw
vulnerability_id VCID-pncb-4m8u-hbaw
summary AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5507
reference_id
reference_type
scores
0
value 0.00276
scoring_system epss
scoring_elements 0.51249
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5507
1
reference_url https://bugs.launchpad.net/zope2/+bug/1071067
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1071067
2
reference_url https://github.com/advisories/GHSA-3qpr-7rmg-73v8
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-3qpr-7rmg-73v8
3
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-49.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-49.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-75.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-75.yaml
6
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
7
reference_url https://plone.org/products/plone/security/advisories/20121106/23
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/23
8
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5507
reference_id CVE-2012-5507
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5507
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5507, GHSA-3qpr-7rmg-73v8, PYSEC-2014-49, PYSEC-2014-75
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pncb-4m8u-hbaw
47
url VCID-pv2n-2y41-pbg5
vulnerability_id VCID-pv2n-2y41-pbg5
summary Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33507
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.52225
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33507
1
reference_url https://github.com/advisories/GHSA-35rg-466w-77h3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-35rg-466w-77h3
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-79.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-79.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33507
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33507
4
reference_url https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots
5
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33507, GHSA-35rg-466w-77h3, PYSEC-2021-79
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pv2n-2y41-pbg5
48
url VCID-qkv2-qpe2-97cx
vulnerability_id VCID-qkv2-qpe2-97cx
summary Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-2422.
references
0
reference_url http://osvdb.org/72728
reference_id
reference_type
scores
url http://osvdb.org/72728
1
reference_url http://plone.org/products/plone/security/advisories/CVE-2011-1949
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/CVE-2011-1949
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-1949
reference_id
reference_type
scores
0
value 0.00375
scoring_system epss
scoring_elements 0.59413
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-1949
3
reference_url http://secunia.com/advisories/44775
reference_id
reference_type
scores
url http://secunia.com/advisories/44775
4
reference_url http://secunia.com/advisories/44776
reference_id
reference_type
scores
url http://secunia.com/advisories/44776
5
reference_url http://securityreason.com/securityalert/8269
reference_id
reference_type
scores
url http://securityreason.com/securityalert/8269
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/67694
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/67694
7
reference_url https://github.com/advisories/GHSA-h6hq-c896-w882
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-h6hq-c896-w882
8
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-15.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2011-15.yaml
10
reference_url http://www.securityfocus.com/archive/1/518155/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/518155/100/0/threaded
11
reference_url http://www.securityfocus.com/bid/48005
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/48005
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-1949
reference_id CVE-2011-1949
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-1949
fixed_packages
0
url pkg:pypi/plone@4.0.6
purl pkg:pypi/plone@4.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4bjr-mjug-gqd2
9
vulnerability VCID-4hzn-mj8g-37ew
10
vulnerability VCID-4xdg-1sku-17cd
11
vulnerability VCID-4ym2-39bg-dbga
12
vulnerability VCID-5bnw-ktd3-8qeb
13
vulnerability VCID-5e2c-6mkx-4udu
14
vulnerability VCID-5kaj-zugj-mbh1
15
vulnerability VCID-5tbn-qmuj-jya9
16
vulnerability VCID-5z33-3pqj-gygw
17
vulnerability VCID-6898-z4k5-h3b6
18
vulnerability VCID-6rsz-krhe-q3gz
19
vulnerability VCID-7mc8-x346-eyaq
20
vulnerability VCID-83xg-a5v4-4bcw
21
vulnerability VCID-8gk5-28z6-7bcf
22
vulnerability VCID-8j8e-z731-7fbz
23
vulnerability VCID-8md9-zymx-w7cn
24
vulnerability VCID-8r52-vc7e-f3bc
25
vulnerability VCID-99bf-ybqh-dfad
26
vulnerability VCID-9ze6-mfrw-ukdv
27
vulnerability VCID-a628-5uyk-w3ca
28
vulnerability VCID-a67e-svcb-ekhc
29
vulnerability VCID-bj9p-4wzt-47cf
30
vulnerability VCID-ch1t-qmtc-xqfx
31
vulnerability VCID-d68e-uehc-nudc
32
vulnerability VCID-fd6y-2fcd-jbck
33
vulnerability VCID-fga8-ymex-67fw
34
vulnerability VCID-gejv-h449-13e4
35
vulnerability VCID-gsnt-c1cd-d3bf
36
vulnerability VCID-hzgj-wca9-z3d1
37
vulnerability VCID-jhc2-yux7-vybj
38
vulnerability VCID-k34d-p9vb-g7by
39
vulnerability VCID-kak6-5sps-z3da
40
vulnerability VCID-kmd1-vu9u-d7g4
41
vulnerability VCID-kvvr-zc1s-akhn
42
vulnerability VCID-m91w-vguw-qkem
43
vulnerability VCID-mgpa-1taj-pycj
44
vulnerability VCID-njnv-5cwt-4ygy
45
vulnerability VCID-pn5z-xdcd-zqd5
46
vulnerability VCID-pncb-4m8u-hbaw
47
vulnerability VCID-pv2n-2y41-pbg5
48
vulnerability VCID-qkv2-qpe2-97cx
49
vulnerability VCID-qskf-bt81-5bbe
50
vulnerability VCID-r874-3h26-j3fp
51
vulnerability VCID-rn4s-px1y-7fbc
52
vulnerability VCID-s5ab-nud4-5qdg
53
vulnerability VCID-sa7x-wvn1-skh1
54
vulnerability VCID-scgs-bz44-ebfk
55
vulnerability VCID-swq8-17qu-vyfw
56
vulnerability VCID-tfmu-7tad-xbbe
57
vulnerability VCID-u1hz-5a2a-ybac
58
vulnerability VCID-uduq-ujbb-6qd2
59
vulnerability VCID-ugq4-1vzc-6uh5
60
vulnerability VCID-uv7n-awe5-2fav
61
vulnerability VCID-vc1v-xsbc-kff1
62
vulnerability VCID-w2u3-bnqq-mqfz
63
vulnerability VCID-wage-1bme-bkgb
64
vulnerability VCID-xa5e-bbcv-byg9
65
vulnerability VCID-xksv-mub7-dyck
66
vulnerability VCID-xpjk-k6tj-2uba
67
vulnerability VCID-y2bq-cb4v-mke6
68
vulnerability VCID-yaa8-vy4x-cqbq
69
vulnerability VCID-ykg2-qbyr-ayd5
70
vulnerability VCID-ymbd-m6tf-5bap
71
vulnerability VCID-z8kt-tf38-eqgc
72
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.6
1
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
aliases CVE-2011-1949, GHSA-h6hq-c896-w882, PYSEC-2011-15
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qkv2-qpe2-97cx
49
url VCID-qskf-bt81-5bbe
vulnerability_id VCID-qskf-bt81-5bbe
summary The object manager implementation (objectmanager.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly restrict access to internal methods, which allows remote attackers to obtain sensitive information via a crafted request.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4196
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55221
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4196
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978475
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978475
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-60.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-60.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4196
reference_id CVE-2013-4196
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4196
8
reference_url https://github.com/advisories/GHSA-qphh-5fv5-2mjj
reference_id GHSA-qphh-5fv5-2mjj
reference_type
scores
url https://github.com/advisories/GHSA-qphh-5fv5-2mjj
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4196, GHSA-qphh-5fv5-2mjj, PYSEC-2014-60
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qskf-bt81-5bbe
50
url VCID-r874-3h26-j3fp
vulnerability_id VCID-r874-3h26-j3fp
summary Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33508
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.5084
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33508
1
reference_url https://github.com/advisories/GHSA-rmpv-rcp6-v8wc
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rmpv-rcp6-v8wc
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-80.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-80.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33508
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33508
5
reference_url https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname
6
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33508, GHSA-rmpv-rcp6-v8wc, PYSEC-2021-80
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r874-3h26-j3fp
51
url VCID-rn4s-px1y-7fbc
vulnerability_id VCID-rn4s-px1y-7fbc
summary The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers to obtain sensitive information via a crafted URL, which reveals the installation path in an error message.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4194
reference_id
reference_type
scores
0
value 0.00319
scoring_system epss
scoring_elements 0.55221
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4194
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978470
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978470
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-58.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-58.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4194
reference_id CVE-2013-4194
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4194
8
reference_url https://github.com/advisories/GHSA-mm32-jw73-9227
reference_id GHSA-mm32-jw73-9227
reference_type
scores
url https://github.com/advisories/GHSA-mm32-jw73-9227
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4194, GHSA-mm32-jw73-9227, PYSEC-2014-58
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rn4s-px1y-7fbc
52
url VCID-s5ab-nud4-5qdg
vulnerability_id VCID-s5ab-nud4-5qdg
summary Plone 4.0 through 5.1a1 does not have security declarations for Dexterity content-related WebDAV requests, which allows remote attackers to gain webdav access via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4041
reference_id
reference_type
scores
0
value 0.00429
scoring_system epss
scoring_elements 0.62764
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4041
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-55.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-55.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4041
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-4041
4
reference_url https://plone.org/security/hotfix/20160419/privilege-escalation-in-webdav
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20160419/privilege-escalation-in-webdav
5
reference_url http://www.openwall.com/lists/oss-security/2016/04/20/1
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/04/20/1
fixed_packages
0
url pkg:pypi/plone@4.3.10
purl pkg:pypi/plone@4.3.10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-9ze6-mfrw-ukdv
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pv2n-2y41-pbg5
20
vulnerability VCID-r61f-p8nh-2bax
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-wage-1bme-bkgb
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.10
1
url pkg:pypi/plone@5.0.5
purl pkg:pypi/plone@5.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-c3we-w4qc-6fhs
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-dnu9-u6zt-c7ch
15
vulnerability VCID-fga8-ymex-67fw
16
vulnerability VCID-gejv-h449-13e4
17
vulnerability VCID-gsnt-c1cd-d3bf
18
vulnerability VCID-jn3b-smfx-87gg
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pv2n-2y41-pbg5
22
vulnerability VCID-r61f-p8nh-2bax
23
vulnerability VCID-r874-3h26-j3fp
24
vulnerability VCID-s5ab-nud4-5qdg
25
vulnerability VCID-sa7x-wvn1-skh1
26
vulnerability VCID-sg6k-wdwq-9bgd
27
vulnerability VCID-tfmu-7tad-xbbe
28
vulnerability VCID-ugq4-1vzc-6uh5
29
vulnerability VCID-wage-1bme-bkgb
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-ymbd-m6tf-5bap
32
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.5
2
url pkg:pypi/plone@5.1a2
purl pkg:pypi/plone@5.1a2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-sa7x-wvn1-skh1
18
vulnerability VCID-tfmu-7tad-xbbe
19
vulnerability VCID-ugq4-1vzc-6uh5
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1a2
aliases CVE-2016-4041, GHSA-qqgj-22gr-73vx, PYSEC-2017-55
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s5ab-nud4-5qdg
53
url VCID-sa7x-wvn1-skh1
vulnerability_id VCID-sa7x-wvn1-skh1
summary Plone CMS until version 5.2.4 has a stored Cross-Site Scripting (XSS) vulnerability in the user fullname property and the file upload functionality. The user's input data is not properly encoded when being echoed back to the user. This data can be interpreted as executable code by the browser and allows an attacker to execute JavaScript in the context of the victim's browser if the victim opens a vulnerable page containing an XSS payload.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-3313
reference_id
reference_type
scores
0
value 0.00444
scoring_system epss
scoring_elements 0.6367
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-3313
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-78.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-78.yaml
3
reference_url https://plone.org/download/releases/5.2.3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/download/releases/5.2.3
4
reference_url https://plone.org/security/hotfix/20210518
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518
5
reference_url https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html
6
reference_url https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/stored-xss-from-user-fullname
7
reference_url https://www.compass-security.com/fileadmin/Research/Advisories/2021-07_CSNC-2021-013_XSS_in_Plone_CMS.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.compass-security.com/fileadmin/Research/Advisories/2021-07_CSNC-2021-013_XSS_in_Plone_CMS.txt
8
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-3313
reference_id CVE-2021-3313
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-3313
10
reference_url https://github.com/advisories/GHSA-hprr-4vfq-fcxw
reference_id GHSA-hprr-4vfq-fcxw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hprr-4vfq-fcxw
fixed_packages
0
url pkg:pypi/plone@5.2.4
purl pkg:pypi/plone@5.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3n34-5rm7-nbcj
1
vulnerability VCID-5e2c-6mkx-4udu
2
vulnerability VCID-9ze6-mfrw-ukdv
3
vulnerability VCID-d68e-uehc-nudc
4
vulnerability VCID-dnu9-u6zt-c7ch
5
vulnerability VCID-pv2n-2y41-pbg5
6
vulnerability VCID-r61f-p8nh-2bax
7
vulnerability VCID-r874-3h26-j3fp
8
vulnerability VCID-tfmu-7tad-xbbe
9
vulnerability VCID-va5s-rj6t-53a4
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.4
aliases CVE-2021-3313, GHSA-hprr-4vfq-fcxw, PYSEC-2021-78
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sa7x-wvn1-skh1
54
url VCID-scgs-bz44-ebfk
vulnerability_id VCID-scgs-bz44-ebfk
summary Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, does not reseed the pseudo-random number generator (PRNG), which makes it easier for remote attackers to guess the value via unspecified vectors. NOTE: this issue was SPLIT from CVE-2012-5508 due to different vulnerability types (ADT2).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6661
reference_id
reference_type
scores
0
value 0.00403
scoring_system epss
scoring_elements 0.61148
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6661
1
reference_url https://bugs.launchpad.net/zope2/+bug/1071067
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1071067
2
reference_url https://github.com/advisories/GHSA-48vv-2pmq-9fvv
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-48vv-2pmq-9fvv
3
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
4
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-51.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-51.yaml
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-76.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-76.yaml
7
reference_url https://plone.org/products/plone-hotfix/releases/20121124
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121124
8
reference_url https://plone.org/products/plone/security/advisories/20121106/24
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/24
9
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6661
reference_id CVE-2012-6661
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-6661
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-6661, GHSA-48vv-2pmq-9fvv, PYSEC-2014-51, PYSEC-2014-76
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-scgs-bz44-ebfk
55
url VCID-swq8-17qu-vyfw
vulnerability_id VCID-swq8-17qu-vyfw
summary Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4195
reference_id
reference_type
scores
0
value 0.00285
scoring_system epss
scoring_elements 0.5217
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4195
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978471
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978471
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-59.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-59.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4195
reference_id CVE-2013-4195
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 2.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4195
8
reference_url https://github.com/advisories/GHSA-j67j-8hrp-76xm
reference_id GHSA-j67j-8hrp-76xm
reference_type
scores
url https://github.com/advisories/GHSA-j67j-8hrp-76xm
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4195, GHSA-j67j-8hrp-76xm, PYSEC-2014-59
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-swq8-17qu-vyfw
56
url VCID-tfmu-7tad-xbbe
vulnerability_id VCID-tfmu-7tad-xbbe
summary Plone through 5.2.4 allows stored XSS attacks (by a Contributor) by uploading an SVG or HTML document.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33512
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.53803
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33512
1
reference_url https://github.com/advisories/GHSA-hm2h-f456-6j88
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-hm2h-f456-6j88
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-84.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2021-84.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33512
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33512
4
reference_url https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20210518/stored-xss-from-file-upload-svg-html
5
reference_url http://www.openwall.com/lists/oss-security/2021/05/22/1
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/05/22/1
fixed_packages
0
url pkg:pypi/plone@5.2.5
purl pkg:pypi/plone@5.2.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.5
aliases CVE-2021-33512, GHSA-hm2h-f456-6j88, PYSEC-2021-84
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tfmu-7tad-xbbe
57
url VCID-u1hz-5a2a-ybac
vulnerability_id VCID-u1hz-5a2a-ybac
summary python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/security/cve/CVE-2012-5499
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5499
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5499
reference_id
reference_type
scores
0
value 0.00887
scoring_system epss
scoring_elements 0.75816
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5499
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=874657
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=874657
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-41.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-41.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5499
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5499
9
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
10
reference_url https://plone.org/products/plone/security/advisories/20121106/15
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/15
11
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5499, GHSA-wrf2-2rch-cmr9, PYSEC-2014-41
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u1hz-5a2a-ybac
58
url VCID-uduq-ujbb-6qd2
vulnerability_id VCID-uduq-ujbb-6qd2
summary python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (infinite loop) via an RSS feed request for a folder the user does not have permission to access.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5506
reference_id
reference_type
scores
0
value 0.00603
scoring_system epss
scoring_elements 0.69881
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5506
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-48.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-48.yaml
4
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
5
reference_url https://plone.org/products/plone/security/advisories/20121106/22
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/22
6
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5506
reference_id CVE-2012-5506
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5506
8
reference_url https://github.com/advisories/GHSA-79hj-474h-v4xv
reference_id GHSA-79hj-474h-v4xv
reference_type
scores
url https://github.com/advisories/GHSA-79hj-474h-v4xv
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5506, GHSA-79hj-474h-v4xv, PYSEC-2014-48
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uduq-ujbb-6qd2
59
url VCID-ugq4-1vzc-6uh5
vulnerability_id VCID-ugq4-1vzc-6uh5
summary Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-5524
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.39983
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-5524
1
reference_url https://github.com/advisories/GHSA-p5wr-vp8g-q5p4
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-p5wr-vp8g-q5p4
2
reference_url https://github.com/plone/Products.CMFPlone/commit/a7d47692058e10ce89968e7ca4dacbdf44fcad4f
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/a7d47692058e10ce89968e7ca4dacbdf44fcad4f
3
reference_url https://github.com/plone/Products.CMFPlone/pull/1912
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/1912
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-81.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-81.yaml
5
reference_url https://plone.org/security/hotfix/20170117/sandbox-escape
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20170117/sandbox-escape
6
reference_url http://www.openwall.com/lists/oss-security/2017/01/18/6
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2017/01/18/6
7
reference_url http://www.securityfocus.com/bid/95679
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/95679
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-5524
reference_id CVE-2017-5524
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-5524
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-gsnt-c1cd-d3bf
15
vulnerability VCID-jn3b-smfx-87gg
16
vulnerability VCID-pv2n-2y41-pbg5
17
vulnerability VCID-r61f-p8nh-2bax
18
vulnerability VCID-r874-3h26-j3fp
19
vulnerability VCID-s5ab-nud4-5qdg
20
vulnerability VCID-sa7x-wvn1-skh1
21
vulnerability VCID-tfmu-7tad-xbbe
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-y2bq-cb4v-mke6
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
2
url pkg:pypi/plone@5.1b1
purl pkg:pypi/plone@5.1b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-sa7x-wvn1-skh1
18
vulnerability VCID-tfmu-7tad-xbbe
19
vulnerability VCID-wage-1bme-bkgb
20
vulnerability VCID-y2bq-cb4v-mke6
21
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1b1
aliases CVE-2017-5524, GHSA-p5wr-vp8g-q5p4, PYSEC-2017-81
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ugq4-1vzc-6uh5
60
url VCID-uv7n-awe5-2fav
vulnerability_id VCID-uv7n-awe5-2fav
summary Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4190
reference_id
reference_type
scores
0
value 0.00256
scoring_system epss
scoring_elements 0.49124
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4190
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978451
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978451
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-54.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-54.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4190
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4190
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4190, GHSA-89rq-27xp-vgv7, PYSEC-2014-54
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uv7n-awe5-2fav
61
url VCID-vc1v-xsbc-kff1
vulnerability_id VCID-vc1v-xsbc-kff1
summary The App.Undo.UndoSupport.get_request_var_or_attr function in Zope before 2.12.21 and 2.13.x before 2.13.11, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote authenticated users to gain access to restricted attributes via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5489
reference_id
reference_type
scores
0
value 0.00575
scoring_system epss
scoring_elements 0.69076
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5489
1
reference_url https://bugs.launchpad.net/zope2/+bug/1079238
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/zope2/+bug/1079238
2
reference_url https://github.com/advisories/GHSA-879r-7f3w-8jj3
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-879r-7f3w-8jj3
3
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-31.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-31.yaml
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-74.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/zope2/PYSEC-2014-74.yaml
6
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
7
reference_url https://plone.org/products/plone/security/advisories/20121106/05
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/05
8
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5489
reference_id CVE-2012-5489
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5489
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5489, GHSA-879r-7f3w-8jj3, PYSEC-2014-31, PYSEC-2014-74
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vc1v-xsbc-kff1
62
url VCID-w2u3-bnqq-mqfz
vulnerability_id VCID-w2u3-bnqq-mqfz
summary 
User information disclosure
A vulnerability allows unauthorized disclosure of registered user information.
references
0
reference_url https://plone.org/products/plone/security/advisories/20151208-announcement
reference_id
reference_type
scores
url https://plone.org/products/plone/security/advisories/20151208-announcement
fixed_packages
0
url pkg:pypi/plone@4.3.8
purl pkg:pypi/plone@4.3.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-9ze6-mfrw-ukdv
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pv2n-2y41-pbg5
20
vulnerability VCID-r61f-p8nh-2bax
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-wage-1bme-bkgb
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.8
1
url pkg:pypi/plone@5.0.1
purl pkg:pypi/plone@5.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-c3we-w4qc-6fhs
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-dnu9-u6zt-c7ch
15
vulnerability VCID-fga8-ymex-67fw
16
vulnerability VCID-gejv-h449-13e4
17
vulnerability VCID-gsnt-c1cd-d3bf
18
vulnerability VCID-jn3b-smfx-87gg
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pv2n-2y41-pbg5
22
vulnerability VCID-r61f-p8nh-2bax
23
vulnerability VCID-r874-3h26-j3fp
24
vulnerability VCID-s5ab-nud4-5qdg
25
vulnerability VCID-sa7x-wvn1-skh1
26
vulnerability VCID-sg6k-wdwq-9bgd
27
vulnerability VCID-tfmu-7tad-xbbe
28
vulnerability VCID-ugq4-1vzc-6uh5
29
vulnerability VCID-wage-1bme-bkgb
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-ymbd-m6tf-5bap
32
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.1
aliases GMS-2015-51
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w2u3-bnqq-mqfz
63
url VCID-wage-1bme-bkgb
vulnerability_id VCID-wage-1bme-bkgb
summary SQL Injection in DTML or in connection objects in Plone 4.0 through 5.2.1 allows users to perform unwanted SQL queries. (This is a problem in Zope.)
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7939
reference_id
reference_type
scores
0
value 0.00405
scoring_system epss
scoring_elements 0.61294
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7939
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-88.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-88.yaml
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7939
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7939
4
reference_url https://plone.org/security/hotfix/20200121
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20200121
5
reference_url https://plone.org/security/hotfix/20200121/sql-injection-in-dtml-or-in-connection-objects
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20200121/sql-injection-in-dtml-or-in-connection-objects
6
reference_url https://www.openwall.com/lists/oss-security/2020/01/22/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2020/01/22/1
7
reference_url http://www.openwall.com/lists/oss-security/2020/01/24/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/01/24/1
fixed_packages
0
url pkg:pypi/plone@5.2.2
purl pkg:pypi/plone@5.2.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-36xh-ua3s-gyfr
1
vulnerability VCID-3n34-5rm7-nbcj
2
vulnerability VCID-5e2c-6mkx-4udu
3
vulnerability VCID-5z33-3pqj-gygw
4
vulnerability VCID-9ze6-mfrw-ukdv
5
vulnerability VCID-d68e-uehc-nudc
6
vulnerability VCID-dnu9-u6zt-c7ch
7
vulnerability VCID-pv2n-2y41-pbg5
8
vulnerability VCID-r61f-p8nh-2bax
9
vulnerability VCID-r874-3h26-j3fp
10
vulnerability VCID-sa7x-wvn1-skh1
11
vulnerability VCID-tfmu-7tad-xbbe
12
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.2
aliases CVE-2020-7939, GHSA-hhmf-7rgg-gcw5, PYSEC-2020-88
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wage-1bme-bkgb
64
url VCID-xa5e-bbcv-byg9
vulnerability_id VCID-xa5e-bbcv-byg9
summary Products/CMFPlone/FactoryTool.py in Plone 3.3 through 4.3.2 allows remote attackers to obtain the installation path via vectors related to a file object for unspecified documentation which is initialized in class scope.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-7060
reference_id
reference_type
scores
0
value 0.00455
scoring_system epss
scoring_elements 0.64122
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-7060
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/b08a45bc12b1bd42411f1130a487a7a242349ea0/Products/CMFPlone/FactoryTool.py#L272-L274
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/b08a45bc12b1bd42411f1130a487a7a242349ea0/Products/CMFPlone/FactoryTool.py#L272-L274
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-65.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-65.yaml
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-67.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/products-cmfplone/PYSEC-2014-67.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-7060
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-7060
6
reference_url https://plone.org/security/20131210/path-leak
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/20131210/path-leak
7
reference_url http://www.openwall.com/lists/oss-security/2013/12/10/15
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/12/10/15
8
reference_url http://www.openwall.com/lists/oss-security/2013/12/12/3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/12/12/3
fixed_packages
0
url pkg:pypi/plone@4.3.3
purl pkg:pypi/plone@4.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-d68e-uehc-nudc
15
vulnerability VCID-fga8-ymex-67fw
16
vulnerability VCID-gejv-h449-13e4
17
vulnerability VCID-gsnt-c1cd-d3bf
18
vulnerability VCID-m91w-vguw-qkem
19
vulnerability VCID-njnv-5cwt-4ygy
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r61f-p8nh-2bax
22
vulnerability VCID-r874-3h26-j3fp
23
vulnerability VCID-s5ab-nud4-5qdg
24
vulnerability VCID-sa7x-wvn1-skh1
25
vulnerability VCID-sg6k-wdwq-9bgd
26
vulnerability VCID-tfmu-7tad-xbbe
27
vulnerability VCID-ugq4-1vzc-6uh5
28
vulnerability VCID-w2u3-bnqq-mqfz
29
vulnerability VCID-wage-1bme-bkgb
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.3
aliases CVE-2013-7060, GHSA-rg52-j87w-pf83, PYSEC-2014-65, PYSEC-2014-67
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xa5e-bbcv-byg9
65
url VCID-xksv-mub7-dyck
vulnerability_id VCID-xksv-mub7-dyck
summary registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1194.html
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1194.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:1194
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1194
2
reference_url https://access.redhat.com/security/cve/CVE-2012-5485
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2012-5485
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5485
reference_id
reference_type
scores
0
value 0.00599
scoring_system epss
scoring_elements 0.69755
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5485
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=878934
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=878934
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-27.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-27.yaml
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5485
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5485
9
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
10
reference_url https://plone.org/products/plone/security/advisories/20121106/01
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/01
11
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5485, GHSA-7hxc-mwx7-5hmc, PYSEC-2014-27
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xksv-mub7-dyck
66
url VCID-xpjk-k6tj-2uba
vulnerability_id VCID-xpjk-k6tj-2uba
summary Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-5502
reference_id
reference_type
scores
0
value 0.00152
scoring_system epss
scoring_elements 0.35523
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-5502
1
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
2
reference_url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-44.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-44.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-5502
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-5502
5
reference_url https://plone.org/products/plone-hotfix/releases/20121106
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone-hotfix/releases/20121106
6
reference_url https://plone.org/products/plone/security/advisories/20121106/18
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/products/plone/security/advisories/20121106/18
7
reference_url http://www.openwall.com/lists/oss-security/2012/11/10/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2012/11/10/1
fixed_packages
0
url pkg:pypi/plone@4.2.3
purl pkg:pypi/plone@4.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-4bjr-mjug-gqd2
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-7mc8-x346-eyaq
13
vulnerability VCID-83xg-a5v4-4bcw
14
vulnerability VCID-8r52-vc7e-f3bc
15
vulnerability VCID-9ze6-mfrw-ukdv
16
vulnerability VCID-a628-5uyk-w3ca
17
vulnerability VCID-a67e-svcb-ekhc
18
vulnerability VCID-bj9p-4wzt-47cf
19
vulnerability VCID-d68e-uehc-nudc
20
vulnerability VCID-fd6y-2fcd-jbck
21
vulnerability VCID-fga8-ymex-67fw
22
vulnerability VCID-gejv-h449-13e4
23
vulnerability VCID-gsnt-c1cd-d3bf
24
vulnerability VCID-m91w-vguw-qkem
25
vulnerability VCID-njnv-5cwt-4ygy
26
vulnerability VCID-pn5z-xdcd-zqd5
27
vulnerability VCID-pv2n-2y41-pbg5
28
vulnerability VCID-qskf-bt81-5bbe
29
vulnerability VCID-r874-3h26-j3fp
30
vulnerability VCID-rn4s-px1y-7fbc
31
vulnerability VCID-s5ab-nud4-5qdg
32
vulnerability VCID-sa7x-wvn1-skh1
33
vulnerability VCID-sg6k-wdwq-9bgd
34
vulnerability VCID-swq8-17qu-vyfw
35
vulnerability VCID-tfmu-7tad-xbbe
36
vulnerability VCID-ugq4-1vzc-6uh5
37
vulnerability VCID-uv7n-awe5-2fav
38
vulnerability VCID-w2u3-bnqq-mqfz
39
vulnerability VCID-wage-1bme-bkgb
40
vulnerability VCID-xa5e-bbcv-byg9
41
vulnerability VCID-y2bq-cb4v-mke6
42
vulnerability VCID-yaa8-vy4x-cqbq
43
vulnerability VCID-ykg2-qbyr-ayd5
44
vulnerability VCID-ymbd-m6tf-5bap
45
vulnerability VCID-z8kt-tf38-eqgc
46
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.3
1
url pkg:pypi/plone@4.3b1
purl pkg:pypi/plone@4.3b1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-5e2c-6mkx-4udu
6
vulnerability VCID-5kaj-zugj-mbh1
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-6898-z4k5-h3b6
10
vulnerability VCID-9ze6-mfrw-ukdv
11
vulnerability VCID-a67e-svcb-ekhc
12
vulnerability VCID-d68e-uehc-nudc
13
vulnerability VCID-fga8-ymex-67fw
14
vulnerability VCID-gejv-h449-13e4
15
vulnerability VCID-gsnt-c1cd-d3bf
16
vulnerability VCID-m91w-vguw-qkem
17
vulnerability VCID-njnv-5cwt-4ygy
18
vulnerability VCID-pv2n-2y41-pbg5
19
vulnerability VCID-r874-3h26-j3fp
20
vulnerability VCID-s5ab-nud4-5qdg
21
vulnerability VCID-sa7x-wvn1-skh1
22
vulnerability VCID-sg6k-wdwq-9bgd
23
vulnerability VCID-tfmu-7tad-xbbe
24
vulnerability VCID-ugq4-1vzc-6uh5
25
vulnerability VCID-w2u3-bnqq-mqfz
26
vulnerability VCID-wage-1bme-bkgb
27
vulnerability VCID-xa5e-bbcv-byg9
28
vulnerability VCID-y2bq-cb4v-mke6
29
vulnerability VCID-ymbd-m6tf-5bap
30
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3b1
aliases CVE-2012-5502, GHSA-hr59-35cr-qf43, PYSEC-2014-44
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpjk-k6tj-2uba
67
url VCID-y2bq-cb4v-mke6
vulnerability_id VCID-y2bq-cb4v-mke6
summary When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login, you get redirected to the page you tried to view before. An attacker might try to abuse this by letting you click on a specially crafted link. You would login, and get redirected to the site of the attacker, letting you think that you are still on the original Plone site. Or some javascript of the attacker could be executed. Most of these types of attacks are already blocked by Plone, using the `isURLInPortal` check to make sure we only redirect to a page on the same Plone site. But a few more ways of tricking Plone into accepting a malicious link were discovered, and fixed with this hotfix.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000481
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41478
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000481
1
reference_url https://github.com/plone/Products.CMFPlone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone
2
reference_url https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/05a943ecbcdda56bacc93b55c9e2e908d8a7dfab
3
reference_url https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/0e50e1e67ea3b6d3187f78cb1a1628081f654d3b
4
reference_url https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/236b62b756ff46a92783b3897e717dfb15eb07d8
5
reference_url https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/7db5b2c8fb684055987b8c4fdedc29289bd26373
6
reference_url https://github.com/plone/Products.CMFPlone/issues/2232
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/2232
7
reference_url https://github.com/plone/Products.CMFPlone/pull/2233
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2233
8
reference_url https://github.com/plone/Products.CMFPlone/pull/2234
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2234
9
reference_url https://github.com/plone/Products.CMFPlone/pull/2235
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2235
10
reference_url https://github.com/plone/Products.CMFPlone/pull/2236
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/pull/2236
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-70.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2018-70.yaml
12
reference_url https://plone.org/security/hotfix/20171128/open-redirection-on-login-form
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20171128/open-redirection-on-login-form
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000481
reference_id CVE-2017-1000481
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000481
14
reference_url https://github.com/advisories/GHSA-8g72-gq68-6gqh
reference_id GHSA-8g72-gq68-6gqh
reference_type
scores
url https://github.com/advisories/GHSA-8g72-gq68-6gqh
fixed_packages
0
url pkg:pypi/plone@4.3.16
purl pkg:pypi/plone@4.3.16
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5tbn-qmuj-jya9
6
vulnerability VCID-5z33-3pqj-gygw
7
vulnerability VCID-9ze6-mfrw-ukdv
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-fga8-ymex-67fw
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-gsnt-c1cd-d3bf
12
vulnerability VCID-pv2n-2y41-pbg5
13
vulnerability VCID-r61f-p8nh-2bax
14
vulnerability VCID-r874-3h26-j3fp
15
vulnerability VCID-s5ab-nud4-5qdg
16
vulnerability VCID-sa7x-wvn1-skh1
17
vulnerability VCID-tfmu-7tad-xbbe
18
vulnerability VCID-wage-1bme-bkgb
19
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.16
1
url pkg:pypi/plone@5.1.0
purl pkg:pypi/plone@5.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5z33-3pqj-gygw
6
vulnerability VCID-9ze6-mfrw-ukdv
7
vulnerability VCID-c3we-w4qc-6fhs
8
vulnerability VCID-d68e-uehc-nudc
9
vulnerability VCID-dnu9-u6zt-c7ch
10
vulnerability VCID-gejv-h449-13e4
11
vulnerability VCID-pv2n-2y41-pbg5
12
vulnerability VCID-r61f-p8nh-2bax
13
vulnerability VCID-r874-3h26-j3fp
14
vulnerability VCID-sa7x-wvn1-skh1
15
vulnerability VCID-tfmu-7tad-xbbe
16
vulnerability VCID-wage-1bme-bkgb
17
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.1.0
aliases CVE-2017-1000481, GHSA-8g72-gq68-6gqh, PYSEC-2018-70
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y2bq-cb4v-mke6
68
url VCID-yaa8-vy4x-cqbq
vulnerability_id VCID-yaa8-vy4x-cqbq
summary Cross-site scripting (XSS) vulnerability in Plone 3.3.0 through 3.3.6, 4.0.0 through 4.0.10, 4.1.0 through 4.1.6, 4.2.0 through 4.2.7, 4.3.x before 4.3.7, and 5.0rc1.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7316
reference_id
reference_type
scores
0
value 0.0051
scoring_system epss
scoring_elements 0.66719
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7316
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1264788
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1264788
2
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
3
reference_url https://github.com/plone/Products.CMFPlone/commit/3da710a2cd68587f0bf34f2e7ea1167d6eeee087
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/commit/3da710a2cd68587f0bf34f2e7ea1167d6eeee087
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-53.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-53.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7316
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7316
6
reference_url https://plone.org/security/20150910/
reference_id
reference_type
scores
url https://plone.org/security/20150910/
7
reference_url https://plone.org/security/20150910/non-persistent-xss-in-plone
reference_id
reference_type
scores
url https://plone.org/security/20150910/non-persistent-xss-in-plone
8
reference_url https://plone.org/security/hotfix/20150910/non-persistent-xss-in-plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20150910/non-persistent-xss-in-plone
9
reference_url https://pypi.org/project/Products.PloneHotfix20150910
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/Products.PloneHotfix20150910
10
reference_url https://pypi.python.org/pypi/Products.PloneHotfix20150910
reference_id
reference_type
scores
url https://pypi.python.org/pypi/Products.PloneHotfix20150910
11
reference_url http://www.openwall.com/lists/oss-security/2015/09/22/14
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/09/22/14
fixed_packages
0
url pkg:pypi/plone@4.0.11
purl pkg:pypi/plone@4.0.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.11
1
url pkg:pypi/plone@4.1a1
purl pkg:pypi/plone@4.1a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-31m2-mwzq-judc
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4xdg-1sku-17cd
10
vulnerability VCID-4ym2-39bg-dbga
11
vulnerability VCID-5bnw-ktd3-8qeb
12
vulnerability VCID-5e2c-6mkx-4udu
13
vulnerability VCID-5kaj-zugj-mbh1
14
vulnerability VCID-5tbn-qmuj-jya9
15
vulnerability VCID-5z33-3pqj-gygw
16
vulnerability VCID-6898-z4k5-h3b6
17
vulnerability VCID-6rsz-krhe-q3gz
18
vulnerability VCID-7mc8-x346-eyaq
19
vulnerability VCID-83xg-a5v4-4bcw
20
vulnerability VCID-8gk5-28z6-7bcf
21
vulnerability VCID-8j8e-z731-7fbz
22
vulnerability VCID-8md9-zymx-w7cn
23
vulnerability VCID-8r52-vc7e-f3bc
24
vulnerability VCID-99bf-ybqh-dfad
25
vulnerability VCID-9ze6-mfrw-ukdv
26
vulnerability VCID-a628-5uyk-w3ca
27
vulnerability VCID-a67e-svcb-ekhc
28
vulnerability VCID-bj9p-4wzt-47cf
29
vulnerability VCID-ch1t-qmtc-xqfx
30
vulnerability VCID-d68e-uehc-nudc
31
vulnerability VCID-fd6y-2fcd-jbck
32
vulnerability VCID-fga8-ymex-67fw
33
vulnerability VCID-gejv-h449-13e4
34
vulnerability VCID-gsnt-c1cd-d3bf
35
vulnerability VCID-hzgj-wca9-z3d1
36
vulnerability VCID-jhc2-yux7-vybj
37
vulnerability VCID-k34d-p9vb-g7by
38
vulnerability VCID-kak6-5sps-z3da
39
vulnerability VCID-kmd1-vu9u-d7g4
40
vulnerability VCID-kvvr-zc1s-akhn
41
vulnerability VCID-m91w-vguw-qkem
42
vulnerability VCID-mgpa-1taj-pycj
43
vulnerability VCID-njnv-5cwt-4ygy
44
vulnerability VCID-pncb-4m8u-hbaw
45
vulnerability VCID-pv2n-2y41-pbg5
46
vulnerability VCID-qkv2-qpe2-97cx
47
vulnerability VCID-qskf-bt81-5bbe
48
vulnerability VCID-r874-3h26-j3fp
49
vulnerability VCID-rn4s-px1y-7fbc
50
vulnerability VCID-s5ab-nud4-5qdg
51
vulnerability VCID-sa7x-wvn1-skh1
52
vulnerability VCID-scgs-bz44-ebfk
53
vulnerability VCID-swq8-17qu-vyfw
54
vulnerability VCID-tfmu-7tad-xbbe
55
vulnerability VCID-u1hz-5a2a-ybac
56
vulnerability VCID-uduq-ujbb-6qd2
57
vulnerability VCID-ugq4-1vzc-6uh5
58
vulnerability VCID-uv7n-awe5-2fav
59
vulnerability VCID-vc1v-xsbc-kff1
60
vulnerability VCID-w2u3-bnqq-mqfz
61
vulnerability VCID-wage-1bme-bkgb
62
vulnerability VCID-xa5e-bbcv-byg9
63
vulnerability VCID-xksv-mub7-dyck
64
vulnerability VCID-xpjk-k6tj-2uba
65
vulnerability VCID-y2bq-cb4v-mke6
66
vulnerability VCID-ykg2-qbyr-ayd5
67
vulnerability VCID-ymbd-m6tf-5bap
68
vulnerability VCID-z8kt-tf38-eqgc
69
vulnerability VCID-zf51-58kf-43bf
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1a1
2
url pkg:pypi/plone@4.1.7
purl pkg:pypi/plone@4.1.7
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.7
3
url pkg:pypi/plone@4.2a1
purl pkg:pypi/plone@4.2a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4hzn-mj8g-37ew
8
vulnerability VCID-4ym2-39bg-dbga
9
vulnerability VCID-5e2c-6mkx-4udu
10
vulnerability VCID-5kaj-zugj-mbh1
11
vulnerability VCID-5tbn-qmuj-jya9
12
vulnerability VCID-5z33-3pqj-gygw
13
vulnerability VCID-6898-z4k5-h3b6
14
vulnerability VCID-6rsz-krhe-q3gz
15
vulnerability VCID-8gk5-28z6-7bcf
16
vulnerability VCID-8j8e-z731-7fbz
17
vulnerability VCID-8md9-zymx-w7cn
18
vulnerability VCID-99bf-ybqh-dfad
19
vulnerability VCID-9ze6-mfrw-ukdv
20
vulnerability VCID-a67e-svcb-ekhc
21
vulnerability VCID-ch1t-qmtc-xqfx
22
vulnerability VCID-d68e-uehc-nudc
23
vulnerability VCID-fga8-ymex-67fw
24
vulnerability VCID-gejv-h449-13e4
25
vulnerability VCID-gsnt-c1cd-d3bf
26
vulnerability VCID-hzgj-wca9-z3d1
27
vulnerability VCID-jhc2-yux7-vybj
28
vulnerability VCID-k34d-p9vb-g7by
29
vulnerability VCID-kak6-5sps-z3da
30
vulnerability VCID-kvvr-zc1s-akhn
31
vulnerability VCID-m91w-vguw-qkem
32
vulnerability VCID-mgpa-1taj-pycj
33
vulnerability VCID-njnv-5cwt-4ygy
34
vulnerability VCID-pncb-4m8u-hbaw
35
vulnerability VCID-pv2n-2y41-pbg5
36
vulnerability VCID-r874-3h26-j3fp
37
vulnerability VCID-rv8k-q8hx-7yeb
38
vulnerability VCID-s5ab-nud4-5qdg
39
vulnerability VCID-sa7x-wvn1-skh1
40
vulnerability VCID-scgs-bz44-ebfk
41
vulnerability VCID-tfmu-7tad-xbbe
42
vulnerability VCID-u1hz-5a2a-ybac
43
vulnerability VCID-uduq-ujbb-6qd2
44
vulnerability VCID-ugq4-1vzc-6uh5
45
vulnerability VCID-vc1v-xsbc-kff1
46
vulnerability VCID-w2u3-bnqq-mqfz
47
vulnerability VCID-wage-1bme-bkgb
48
vulnerability VCID-xa5e-bbcv-byg9
49
vulnerability VCID-xksv-mub7-dyck
50
vulnerability VCID-xpjk-k6tj-2uba
51
vulnerability VCID-y2bq-cb4v-mke6
52
vulnerability VCID-ymbd-m6tf-5bap
53
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2a1
4
url pkg:pypi/plone@4.2.8
purl pkg:pypi/plone@4.2.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.8
5
url pkg:pypi/plone@4.3a1
purl pkg:pypi/plone@4.3a1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3uw2-j3r6-77ch
5
vulnerability VCID-3v6x-b2g3-fyhq
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-46az-51p2-yfdf
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5e2c-6mkx-4udu
11
vulnerability VCID-5kaj-zugj-mbh1
12
vulnerability VCID-5tbn-qmuj-jya9
13
vulnerability VCID-5z33-3pqj-gygw
14
vulnerability VCID-6898-z4k5-h3b6
15
vulnerability VCID-6rsz-krhe-q3gz
16
vulnerability VCID-8gk5-28z6-7bcf
17
vulnerability VCID-8j8e-z731-7fbz
18
vulnerability VCID-8md9-zymx-w7cn
19
vulnerability VCID-99bf-ybqh-dfad
20
vulnerability VCID-9ze6-mfrw-ukdv
21
vulnerability VCID-a67e-svcb-ekhc
22
vulnerability VCID-ch1t-qmtc-xqfx
23
vulnerability VCID-d68e-uehc-nudc
24
vulnerability VCID-fga8-ymex-67fw
25
vulnerability VCID-gejv-h449-13e4
26
vulnerability VCID-gsnt-c1cd-d3bf
27
vulnerability VCID-hzgj-wca9-z3d1
28
vulnerability VCID-jhc2-yux7-vybj
29
vulnerability VCID-k34d-p9vb-g7by
30
vulnerability VCID-kak6-5sps-z3da
31
vulnerability VCID-kvvr-zc1s-akhn
32
vulnerability VCID-m91w-vguw-qkem
33
vulnerability VCID-mgpa-1taj-pycj
34
vulnerability VCID-njnv-5cwt-4ygy
35
vulnerability VCID-pncb-4m8u-hbaw
36
vulnerability VCID-pv2n-2y41-pbg5
37
vulnerability VCID-r874-3h26-j3fp
38
vulnerability VCID-s5ab-nud4-5qdg
39
vulnerability VCID-sa7x-wvn1-skh1
40
vulnerability VCID-scgs-bz44-ebfk
41
vulnerability VCID-sg6k-wdwq-9bgd
42
vulnerability VCID-tfmu-7tad-xbbe
43
vulnerability VCID-u1hz-5a2a-ybac
44
vulnerability VCID-uduq-ujbb-6qd2
45
vulnerability VCID-ugq4-1vzc-6uh5
46
vulnerability VCID-vc1v-xsbc-kff1
47
vulnerability VCID-w2u3-bnqq-mqfz
48
vulnerability VCID-wage-1bme-bkgb
49
vulnerability VCID-xa5e-bbcv-byg9
50
vulnerability VCID-xksv-mub7-dyck
51
vulnerability VCID-xpjk-k6tj-2uba
52
vulnerability VCID-y2bq-cb4v-mke6
53
vulnerability VCID-ymbd-m6tf-5bap
54
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3a1
6
url pkg:pypi/plone@4.3.7
purl pkg:pypi/plone@4.3.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5tbn-qmuj-jya9
10
vulnerability VCID-5z33-3pqj-gygw
11
vulnerability VCID-6898-z4k5-h3b6
12
vulnerability VCID-9ze6-mfrw-ukdv
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pv2n-2y41-pbg5
20
vulnerability VCID-r61f-p8nh-2bax
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-y2bq-cb4v-mke6
30
vulnerability VCID-ymbd-m6tf-5bap
31
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.7
7
url pkg:pypi/plone@5.0rc2
purl pkg:pypi/plone@5.0rc2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3s9q-6gvu-qyef
4
vulnerability VCID-5e2c-6mkx-4udu
5
vulnerability VCID-5z33-3pqj-gygw
6
vulnerability VCID-9ze6-mfrw-ukdv
7
vulnerability VCID-d68e-uehc-nudc
8
vulnerability VCID-fga8-ymex-67fw
9
vulnerability VCID-gejv-h449-13e4
10
vulnerability VCID-gsnt-c1cd-d3bf
11
vulnerability VCID-jn3b-smfx-87gg
12
vulnerability VCID-pv2n-2y41-pbg5
13
vulnerability VCID-r61f-p8nh-2bax
14
vulnerability VCID-r874-3h26-j3fp
15
vulnerability VCID-s5ab-nud4-5qdg
16
vulnerability VCID-sa7x-wvn1-skh1
17
vulnerability VCID-tfmu-7tad-xbbe
18
vulnerability VCID-ugq4-1vzc-6uh5
19
vulnerability VCID-w2u3-bnqq-mqfz
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0rc2
aliases CVE-2015-7316, GHSA-vf8g-m3vq-6p4p, PYSEC-2017-53
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yaa8-vy4x-cqbq
69
url VCID-ykg2-qbyr-ayd5
vulnerability_id VCID-ykg2-qbyr-ayd5
summary member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4197
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.66192
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4197
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978478
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978478
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-61.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-61.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4197
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 7.2
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4197
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4197, GHSA-jjvw-3h9j-p7jf, PYSEC-2014-61
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ykg2-qbyr-ayd5
70
url VCID-ymbd-m6tf-5bap
vulnerability_id VCID-ymbd-m6tf-5bap
summary Cross-site scripting (XSS) vulnerability in an unspecified page template in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
references
0
reference_url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7139
reference_id
reference_type
scores
0
value 0.00491
scoring_system epss
scoring_elements 0.65908
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7139
2
reference_url http://seclists.org/fulldisclosure/2016/Oct/80
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2016/Oct/80
3
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-62.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-62.yaml
5
reference_url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone
6
reference_url https://web.archive.org/web/20201207134910/http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201207134910/http://www.securityfocus.com/bid/92752
7
reference_url https://web.archive.org/web/20201207134911/http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201207134911/http://www.securityfocus.com/archive/1/539572/100/0/threaded
8
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/4
9
reference_url http://www.openwall.com/lists/oss-security/2016/09/05/5
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/09/05/5
10
reference_url http://www.securityfocus.com/archive/1/539572/100/0/threaded
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/archive/1/539572/100/0/threaded
11
reference_url http://www.securityfocus.com/bid/92752
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/92752
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-7139
reference_id CVE-2016-7139
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-7139
13
reference_url https://github.com/advisories/GHSA-pp4c-2692-7f37
reference_id GHSA-pp4c-2692-7f37
reference_type
scores
url https://github.com/advisories/GHSA-pp4c-2692-7f37
fixed_packages
0
url pkg:pypi/plone@4.3.12
purl pkg:pypi/plone@4.3.12
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5tbn-qmuj-jya9
8
vulnerability VCID-5z33-3pqj-gygw
9
vulnerability VCID-9ze6-mfrw-ukdv
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-fga8-ymex-67fw
12
vulnerability VCID-gejv-h449-13e4
13
vulnerability VCID-gsnt-c1cd-d3bf
14
vulnerability VCID-pv2n-2y41-pbg5
15
vulnerability VCID-r61f-p8nh-2bax
16
vulnerability VCID-r874-3h26-j3fp
17
vulnerability VCID-s5ab-nud4-5qdg
18
vulnerability VCID-sa7x-wvn1-skh1
19
vulnerability VCID-tfmu-7tad-xbbe
20
vulnerability VCID-wage-1bme-bkgb
21
vulnerability VCID-y2bq-cb4v-mke6
22
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12
1
url pkg:pypi/plone@5.0.6
purl pkg:pypi/plone@5.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-5e2c-6mkx-4udu
8
vulnerability VCID-5kaj-zugj-mbh1
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-c3we-w4qc-6fhs
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-dnu9-u6zt-c7ch
15
vulnerability VCID-fga8-ymex-67fw
16
vulnerability VCID-gejv-h449-13e4
17
vulnerability VCID-gsnt-c1cd-d3bf
18
vulnerability VCID-jn3b-smfx-87gg
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pv2n-2y41-pbg5
22
vulnerability VCID-r61f-p8nh-2bax
23
vulnerability VCID-r874-3h26-j3fp
24
vulnerability VCID-s5ab-nud4-5qdg
25
vulnerability VCID-sa7x-wvn1-skh1
26
vulnerability VCID-sg6k-wdwq-9bgd
27
vulnerability VCID-tfmu-7tad-xbbe
28
vulnerability VCID-ugq4-1vzc-6uh5
29
vulnerability VCID-wage-1bme-bkgb
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-ymbd-m6tf-5bap
32
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.6
2
url pkg:pypi/plone@5.0.7
purl pkg:pypi/plone@5.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-3s9q-6gvu-qyef
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5z33-3pqj-gygw
8
vulnerability VCID-9ze6-mfrw-ukdv
9
vulnerability VCID-c3we-w4qc-6fhs
10
vulnerability VCID-d68e-uehc-nudc
11
vulnerability VCID-dnu9-u6zt-c7ch
12
vulnerability VCID-fga8-ymex-67fw
13
vulnerability VCID-gejv-h449-13e4
14
vulnerability VCID-gsnt-c1cd-d3bf
15
vulnerability VCID-jn3b-smfx-87gg
16
vulnerability VCID-pv2n-2y41-pbg5
17
vulnerability VCID-r61f-p8nh-2bax
18
vulnerability VCID-r874-3h26-j3fp
19
vulnerability VCID-s5ab-nud4-5qdg
20
vulnerability VCID-sa7x-wvn1-skh1
21
vulnerability VCID-tfmu-7tad-xbbe
22
vulnerability VCID-wage-1bme-bkgb
23
vulnerability VCID-y2bq-cb4v-mke6
24
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7
aliases CVE-2016-7139, GHSA-pp4c-2692-7f37, PYSEC-2017-62
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymbd-m6tf-5bap
71
url VCID-z8kt-tf38-eqgc
vulnerability_id VCID-z8kt-tf38-eqgc
summary Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-28735
reference_id
reference_type
scores
0
value 0.00484
scoring_system epss
scoring_elements 0.65579
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-28735
1
reference_url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://dist.plone.org/release/5.2.3/RELEASE-NOTES.txt
2
reference_url https://github.com/advisories/GHSA-x7wf-5mjc-6x76
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-x7wf-5mjc-6x76
3
reference_url https://github.com/plone/Products.CMFPlone/issues/3209
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Products.CMFPlone/issues/3209
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-247.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2020-247.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-28735
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-28735
6
reference_url https://www.misakikata.com/codes/plone/python-en.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.misakikata.com/codes/plone/python-en.html
fixed_packages
0
url pkg:pypi/plone@5.2.3
purl pkg:pypi/plone@5.2.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3n34-5rm7-nbcj
1
vulnerability VCID-5e2c-6mkx-4udu
2
vulnerability VCID-9ze6-mfrw-ukdv
3
vulnerability VCID-ccuu-86vs-s3gs
4
vulnerability VCID-d68e-uehc-nudc
5
vulnerability VCID-dnu9-u6zt-c7ch
6
vulnerability VCID-pv2n-2y41-pbg5
7
vulnerability VCID-r61f-p8nh-2bax
8
vulnerability VCID-r874-3h26-j3fp
9
vulnerability VCID-sa7x-wvn1-skh1
10
vulnerability VCID-tfmu-7tad-xbbe
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.2.3
aliases CVE-2020-28735, GHSA-x7wf-5mjc-6x76, PYSEC-2020-247
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8kt-tf38-eqgc
72
url VCID-zf51-58kf-43bf
vulnerability_id VCID-zf51-58kf-43bf
summary sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.
references
0
reference_url http://plone.org/products/plone-hotfix/releases/20130618
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone-hotfix/releases/20130618
1
reference_url http://plone.org/products/plone/security/advisories/20130618-announcement
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://plone.org/products/plone/security/advisories/20130618-announcement
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4192
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.44395
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4192
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=978464
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=978464
4
reference_url http://seclists.org/oss-sec/2013/q3/261
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2013/q3/261
5
reference_url https://github.com/plone/Plone
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/plone/Plone
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-56.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2014-56.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4192
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4192
fixed_packages
0
url pkg:pypi/plone@4.1.1
purl pkg:pypi/plone@4.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36xh-ua3s-gyfr
2
vulnerability VCID-3n34-5rm7-nbcj
3
vulnerability VCID-3uw2-j3r6-77ch
4
vulnerability VCID-3v6x-b2g3-fyhq
5
vulnerability VCID-43m1-jkv8-jygp
6
vulnerability VCID-46az-51p2-yfdf
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-4hzn-mj8g-37ew
9
vulnerability VCID-4ym2-39bg-dbga
10
vulnerability VCID-5bnw-ktd3-8qeb
11
vulnerability VCID-5e2c-6mkx-4udu
12
vulnerability VCID-5kaj-zugj-mbh1
13
vulnerability VCID-5tbn-qmuj-jya9
14
vulnerability VCID-5z33-3pqj-gygw
15
vulnerability VCID-6898-z4k5-h3b6
16
vulnerability VCID-6rsz-krhe-q3gz
17
vulnerability VCID-8gk5-28z6-7bcf
18
vulnerability VCID-8j8e-z731-7fbz
19
vulnerability VCID-8md9-zymx-w7cn
20
vulnerability VCID-99bf-ybqh-dfad
21
vulnerability VCID-9ze6-mfrw-ukdv
22
vulnerability VCID-a67e-svcb-ekhc
23
vulnerability VCID-ch1t-qmtc-xqfx
24
vulnerability VCID-d68e-uehc-nudc
25
vulnerability VCID-fga8-ymex-67fw
26
vulnerability VCID-gejv-h449-13e4
27
vulnerability VCID-gsnt-c1cd-d3bf
28
vulnerability VCID-hzgj-wca9-z3d1
29
vulnerability VCID-jhc2-yux7-vybj
30
vulnerability VCID-k34d-p9vb-g7by
31
vulnerability VCID-kak6-5sps-z3da
32
vulnerability VCID-kvvr-zc1s-akhn
33
vulnerability VCID-m91w-vguw-qkem
34
vulnerability VCID-mgpa-1taj-pycj
35
vulnerability VCID-njnv-5cwt-4ygy
36
vulnerability VCID-pn5z-xdcd-zqd5
37
vulnerability VCID-pncb-4m8u-hbaw
38
vulnerability VCID-pv2n-2y41-pbg5
39
vulnerability VCID-r874-3h26-j3fp
40
vulnerability VCID-s5ab-nud4-5qdg
41
vulnerability VCID-sa7x-wvn1-skh1
42
vulnerability VCID-scgs-bz44-ebfk
43
vulnerability VCID-tfmu-7tad-xbbe
44
vulnerability VCID-u1hz-5a2a-ybac
45
vulnerability VCID-uduq-ujbb-6qd2
46
vulnerability VCID-ugq4-1vzc-6uh5
47
vulnerability VCID-vc1v-xsbc-kff1
48
vulnerability VCID-w2u3-bnqq-mqfz
49
vulnerability VCID-wage-1bme-bkgb
50
vulnerability VCID-xa5e-bbcv-byg9
51
vulnerability VCID-xksv-mub7-dyck
52
vulnerability VCID-xpjk-k6tj-2uba
53
vulnerability VCID-y2bq-cb4v-mke6
54
vulnerability VCID-yaa8-vy4x-cqbq
55
vulnerability VCID-ymbd-m6tf-5bap
56
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.1.1
1
url pkg:pypi/plone@4.2.6
purl pkg:pypi/plone@4.2.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-311f-xecp-47fm
1
vulnerability VCID-36rb-6jkw-j7d8
2
vulnerability VCID-36xh-ua3s-gyfr
3
vulnerability VCID-3n34-5rm7-nbcj
4
vulnerability VCID-43m1-jkv8-jygp
5
vulnerability VCID-4bjr-mjug-gqd2
6
vulnerability VCID-5e2c-6mkx-4udu
7
vulnerability VCID-5kaj-zugj-mbh1
8
vulnerability VCID-5tbn-qmuj-jya9
9
vulnerability VCID-5z33-3pqj-gygw
10
vulnerability VCID-6898-z4k5-h3b6
11
vulnerability VCID-9ze6-mfrw-ukdv
12
vulnerability VCID-a67e-svcb-ekhc
13
vulnerability VCID-d68e-uehc-nudc
14
vulnerability VCID-fga8-ymex-67fw
15
vulnerability VCID-gejv-h449-13e4
16
vulnerability VCID-gsnt-c1cd-d3bf
17
vulnerability VCID-m91w-vguw-qkem
18
vulnerability VCID-njnv-5cwt-4ygy
19
vulnerability VCID-pn5z-xdcd-zqd5
20
vulnerability VCID-pv2n-2y41-pbg5
21
vulnerability VCID-r874-3h26-j3fp
22
vulnerability VCID-s5ab-nud4-5qdg
23
vulnerability VCID-sa7x-wvn1-skh1
24
vulnerability VCID-sg6k-wdwq-9bgd
25
vulnerability VCID-tfmu-7tad-xbbe
26
vulnerability VCID-ugq4-1vzc-6uh5
27
vulnerability VCID-w2u3-bnqq-mqfz
28
vulnerability VCID-wage-1bme-bkgb
29
vulnerability VCID-xa5e-bbcv-byg9
30
vulnerability VCID-y2bq-cb4v-mke6
31
vulnerability VCID-yaa8-vy4x-cqbq
32
vulnerability VCID-ymbd-m6tf-5bap
33
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.2.6
2
url pkg:pypi/plone@4.3.2
purl pkg:pypi/plone@4.3.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jxf-hfxq-skg7
1
vulnerability VCID-311f-xecp-47fm
2
vulnerability VCID-36rb-6jkw-j7d8
3
vulnerability VCID-36xh-ua3s-gyfr
4
vulnerability VCID-3n34-5rm7-nbcj
5
vulnerability VCID-3s9q-6gvu-qyef
6
vulnerability VCID-43m1-jkv8-jygp
7
vulnerability VCID-4bjr-mjug-gqd2
8
vulnerability VCID-5e2c-6mkx-4udu
9
vulnerability VCID-5kaj-zugj-mbh1
10
vulnerability VCID-5tbn-qmuj-jya9
11
vulnerability VCID-5z33-3pqj-gygw
12
vulnerability VCID-6898-z4k5-h3b6
13
vulnerability VCID-9ze6-mfrw-ukdv
14
vulnerability VCID-a67e-svcb-ekhc
15
vulnerability VCID-d68e-uehc-nudc
16
vulnerability VCID-fga8-ymex-67fw
17
vulnerability VCID-gejv-h449-13e4
18
vulnerability VCID-gsnt-c1cd-d3bf
19
vulnerability VCID-m91w-vguw-qkem
20
vulnerability VCID-njnv-5cwt-4ygy
21
vulnerability VCID-pn5z-xdcd-zqd5
22
vulnerability VCID-pv2n-2y41-pbg5
23
vulnerability VCID-r61f-p8nh-2bax
24
vulnerability VCID-r874-3h26-j3fp
25
vulnerability VCID-s5ab-nud4-5qdg
26
vulnerability VCID-sa7x-wvn1-skh1
27
vulnerability VCID-sg6k-wdwq-9bgd
28
vulnerability VCID-tfmu-7tad-xbbe
29
vulnerability VCID-ugq4-1vzc-6uh5
30
vulnerability VCID-w2u3-bnqq-mqfz
31
vulnerability VCID-wage-1bme-bkgb
32
vulnerability VCID-xa5e-bbcv-byg9
33
vulnerability VCID-y2bq-cb4v-mke6
34
vulnerability VCID-yaa8-vy4x-cqbq
35
vulnerability VCID-ymbd-m6tf-5bap
36
vulnerability VCID-z8kt-tf38-eqgc
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.2
aliases CVE-2013-4192, GHSA-f5h9-3hpf-9j8m, PYSEC-2014-56
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zf51-58kf-43bf
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.3