📦 Plone

by Plone

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2021-33509

CRITICAL CVSS 9.9 May 21, 2021

This vulnerability allows remote authenticated managers in Plone to perform arbitrary disk I/O operations via crafted keyword arguments to the ReStructuredText transform in Python scripts. Attackers c...

CVE-2020-35190

CRITICAL CVSS 9.8 Dec 17, 2020

This vulnerability allows remote attackers to gain root access to systems running affected Plone Docker images by using a blank password for the root user. It affects deployments using official Plone ...

CVE-2024-22889

HIGH CVSS 7.5 Mar 6, 2024

CVE-2024-22889 is an access control vulnerability in Plone v6.0.9 that allows remote attackers to view and list all files hosted on the website via crafted requests. This affects all Plone v6.0.9 inst...

CVE-2024-23756

HIGH CVSS 7.5 Feb 8, 2024

This vulnerability allows unauthenticated attackers to use HTTP PUT and DELETE methods in Plone Docker version 5.2.13, enabling them to upload malicious files or delete existing files on the server. I...

CVE-2021-33511

HIGH CVSS 7.5 May 21, 2021

CVE-2021-33511 is a Server-Side Request Forgery (SSRF) vulnerability in Plone CMS that allows attackers to make unauthorized requests from the server to internal or external systems. It affects Plone ...