Search results
21 results
Sort by:
Filesystem information leak
A vulnerability that allows remote attackers to obtain information on files on the server
20160419
20160419
Privilege escalation in WebDAV
A missing WebDAV security declaration would allow unauthorized webdav access.
Unauthorized disclosure of site content
A vulnerability that allows attackers to gain information about private site content.
Bypass Restricted Python
A user who can create or edit templates can bypass Restricted Python.
20151208
20151208
Unauthorized disclosure of registered user information
A vulnerability that allows attackers to gain information about the users registered to a Plone site
Multiple CSRF Vulnerabilities in Zope
The ZMI is mostly unprotected from CSRF vulnerabilities.
Non-Persistent XSS in Plone
Non-Persistent XSS in Plone
Privilege escalation in Kupu
Privilege escalation in Kupu
Header injection
People who can write cookie values in Zope can inject headers