{"url":"http://public2.vulnerablecode.io/api/packages/61780?format=json","purl":"pkg:pypi/plone@4.0.0","type":"pypi","namespace":"","name":"plone","version":"4.0.0","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"6.0.10","latest_non_vulnerable_version":"6.0.10","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7402?format=json","vulnerability_id":"VCID-m91w-vguw-qkem","summary":"Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.","references":[{"reference_url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7138","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65908","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7138"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Oct/80","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Oct/80"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-61.yaml"},{"reference_url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-1"},{"reference_url":"https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752"},{"reference_url":"https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/5"},{"reference_url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/92752"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7138","reference_id":"CVE-2016-7138","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7138"},{"reference_url":"https://github.com/advisories/GHSA-v3hp-f8qr-cf3p","reference_id":"GHSA-v3hp-f8qr-cf3p","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v3hp-f8qr-cf3p"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/8399?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jxf-hfxq-skg7"},{"vulnerability":"VCID-311f-xecp-47fm"},{"vulnerability":"VCID-36xh-ua3s-gyfr"},{"vulnerability":"VCID-3n34-5rm7-nbcj"},{"vulnerability":"VCID-3s9q-6gvu-qyef"},{"vulnerability":"VCID-43m1-jkv8-jygp"},{"vulnerability":"VCID-5e2c-6mkx-4udu"},{"vulnerability":"VCID-5tbn-qmuj-jya9"},{"vulnerability":"VCID-5z33-3pqj-gygw"},{"vulnerability":"VCID-9ze6-mfrw-ukdv"},{"vulnerability":"VCID-ccuu-86vs-s3gs"},{"vulnerability":"VCID-cswj-8xmm-xfgx"},{"vulnerability":"VCID-d68e-uehc-nudc"},{"vulnerability":"VCID-fga8-ymex-67fw"},{"vulnerability":"VCID-gejv-h449-13e4"},{"vulnerability":"VCID-gsnt-c1cd-d3bf"},{"vulnerability":"VCID-pv2n-2y41-pbg5"},{"vulnerability":"VCID-r61f-p8nh-2bax"},{"vulnerability":"VCID-r7v2-vxck-fba7"},{"vulnerability":"VCID-r874-3h26-j3fp"},{"vulnerability":"VCID-s5ab-nud4-5qdg"},{"vulnerability":"VCID-sa7x-wvn1-skh1"},{"vulnerability":"VCID-tfmu-7tad-xbbe"},{"vulnerability":"VCID-va5s-rj6t-53a4"},{"vulnerability":"VCID-wage-1bme-bkgb"},{"vulnerability":"VCID-y2bq-cb4v-mke6"},{"vulnerability":"VCID-z8kt-tf38-eqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/8400?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jxf-hfxq-skg7"},{"vulnerability":"VCID-311f-xecp-47fm"},{"vulnerability":"VCID-36xh-ua3s-gyfr"},{"vulnerability":"VCID-3n34-5rm7-nbcj"},{"vulnerability":"VCID-3s9q-6gvu-qyef"},{"vulnerability":"VCID-43m1-jkv8-jygp"},{"vulnerability":"VCID-5e2c-6mkx-4udu"},{"vulnerability":"VCID-5z33-3pqj-gygw"},{"vulnerability":"VCID-9ze6-mfrw-ukdv"},{"vulnerability":"VCID-c3we-w4qc-6fhs"},{"vulnerability":"VCID-ccuu-86vs-s3gs"},{"vulnerability":"VCID-cswj-8xmm-xfgx"},{"vulnerability":"VCID-d68e-uehc-nudc"},{"vulnerability":"VCID-dnu9-u6zt-c7ch"},{"vulnerability":"VCID-fga8-ymex-67fw"},{"vulnerability":"VCID-gejv-h449-13e4"},{"vulnerability":"VCID-gsnt-c1cd-d3bf"},{"vulnerability":"VCID-jn3b-smfx-87gg"},{"vulnerability":"VCID-pv2n-2y41-pbg5"},{"vulnerability":"VCID-r61f-p8nh-2bax"},{"vulnerability":"VCID-r7v2-vxck-fba7"},{"vulnerability":"VCID-r874-3h26-j3fp"},{"vulnerability":"VCID-s5ab-nud4-5qdg"},{"vulnerability":"VCID-sa7x-wvn1-skh1"},{"vulnerability":"VCID-tfmu-7tad-xbbe"},{"vulnerability":"VCID-va5s-rj6t-53a4"},{"vulnerability":"VCID-wage-1bme-bkgb"},{"vulnerability":"VCID-y2bq-cb4v-mke6"},{"vulnerability":"VCID-z8kt-tf38-eqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7138","GHSA-v3hp-f8qr-cf3p","PYSEC-2017-61"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m91w-vguw-qkem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7400?format=json","vulnerability_id":"VCID-sg6k-wdwq-9bgd","summary":"z3c.form in Plone CMS 5.x through 5.0.6 and 4.x through 4.3.11 allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted GET request.","references":[{"reference_url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/139110/Plone-CMS-4.3.11-5.0.6-XSS-Traversal-Open-Redirection.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7136","reference_id":"","reference_type":"","scores":[{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66183","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7136"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Oct/80","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2016/Oct/80"},{"reference_url":"https://github.com/plone/Plone","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/plone/Plone"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-59.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/plone/PYSEC-2017-59.yaml"},{"reference_url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-forms","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://plone.org/security/hotfix/20160830/non-persistent-xss-in-plone-forms"},{"reference_url":"https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210625091607/http://www.securityfocus.com/bid/92752"},{"reference_url":"https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20210625092107/http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/4","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/09/05/5","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2016/09/05/5"},{"reference_url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/539572/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/92752","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/92752"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7136","reference_id":"CVE-2016-7136","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7136"},{"reference_url":"https://github.com/advisories/GHSA-22jm-p2vv-j2hc","reference_id":"GHSA-22jm-p2vv-j2hc","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-22jm-p2vv-j2hc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/8399?format=json","purl":"pkg:pypi/plone@4.3.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jxf-hfxq-skg7"},{"vulnerability":"VCID-311f-xecp-47fm"},{"vulnerability":"VCID-36xh-ua3s-gyfr"},{"vulnerability":"VCID-3n34-5rm7-nbcj"},{"vulnerability":"VCID-3s9q-6gvu-qyef"},{"vulnerability":"VCID-43m1-jkv8-jygp"},{"vulnerability":"VCID-5e2c-6mkx-4udu"},{"vulnerability":"VCID-5tbn-qmuj-jya9"},{"vulnerability":"VCID-5z33-3pqj-gygw"},{"vulnerability":"VCID-9ze6-mfrw-ukdv"},{"vulnerability":"VCID-ccuu-86vs-s3gs"},{"vulnerability":"VCID-cswj-8xmm-xfgx"},{"vulnerability":"VCID-d68e-uehc-nudc"},{"vulnerability":"VCID-fga8-ymex-67fw"},{"vulnerability":"VCID-gejv-h449-13e4"},{"vulnerability":"VCID-gsnt-c1cd-d3bf"},{"vulnerability":"VCID-pv2n-2y41-pbg5"},{"vulnerability":"VCID-r61f-p8nh-2bax"},{"vulnerability":"VCID-r7v2-vxck-fba7"},{"vulnerability":"VCID-r874-3h26-j3fp"},{"vulnerability":"VCID-s5ab-nud4-5qdg"},{"vulnerability":"VCID-sa7x-wvn1-skh1"},{"vulnerability":"VCID-tfmu-7tad-xbbe"},{"vulnerability":"VCID-va5s-rj6t-53a4"},{"vulnerability":"VCID-wage-1bme-bkgb"},{"vulnerability":"VCID-y2bq-cb4v-mke6"},{"vulnerability":"VCID-z8kt-tf38-eqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.3.12"},{"url":"http://public2.vulnerablecode.io/api/packages/8400?format=json","purl":"pkg:pypi/plone@5.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2jxf-hfxq-skg7"},{"vulnerability":"VCID-311f-xecp-47fm"},{"vulnerability":"VCID-36xh-ua3s-gyfr"},{"vulnerability":"VCID-3n34-5rm7-nbcj"},{"vulnerability":"VCID-3s9q-6gvu-qyef"},{"vulnerability":"VCID-43m1-jkv8-jygp"},{"vulnerability":"VCID-5e2c-6mkx-4udu"},{"vulnerability":"VCID-5z33-3pqj-gygw"},{"vulnerability":"VCID-9ze6-mfrw-ukdv"},{"vulnerability":"VCID-c3we-w4qc-6fhs"},{"vulnerability":"VCID-ccuu-86vs-s3gs"},{"vulnerability":"VCID-cswj-8xmm-xfgx"},{"vulnerability":"VCID-d68e-uehc-nudc"},{"vulnerability":"VCID-dnu9-u6zt-c7ch"},{"vulnerability":"VCID-fga8-ymex-67fw"},{"vulnerability":"VCID-gejv-h449-13e4"},{"vulnerability":"VCID-gsnt-c1cd-d3bf"},{"vulnerability":"VCID-jn3b-smfx-87gg"},{"vulnerability":"VCID-pv2n-2y41-pbg5"},{"vulnerability":"VCID-r61f-p8nh-2bax"},{"vulnerability":"VCID-r7v2-vxck-fba7"},{"vulnerability":"VCID-r874-3h26-j3fp"},{"vulnerability":"VCID-s5ab-nud4-5qdg"},{"vulnerability":"VCID-sa7x-wvn1-skh1"},{"vulnerability":"VCID-tfmu-7tad-xbbe"},{"vulnerability":"VCID-va5s-rj6t-53a4"},{"vulnerability":"VCID-wage-1bme-bkgb"},{"vulnerability":"VCID-y2bq-cb4v-mke6"},{"vulnerability":"VCID-z8kt-tf38-eqgc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@5.0.7"}],"aliases":["CVE-2016-7136","GHSA-22jm-p2vv-j2hc","PYSEC-2017-59"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sg6k-wdwq-9bgd"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/plone@4.0.0"}