Package impact
PyPI / plone
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2011-4030 | critical | — | 9.3 | 15y ago | Plone anonymous access to sub-objects in CMFEditions where KwAsAttributes classes were publishable | |
| CVE-2012-5502 | low | — | 3.5 | 12y ago | Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script … | |
| CVE-2013-4199 | low | — | 3.5 | 12y ago | (1) cb_decode.py and (2) linkintegrity.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users to cause a denial of service (resource consumption) v… | |
| CVE-2011-1949 | low | — | 3.5 | 15y ago | Cross-site scripting (XSS) vulnerability in the safe_html filter in Products.PortalTransforms in Plone 2.1 through 4.1 allows remote authenticated users to inject arbitrary web script or HTML via uns… |