Search results
34 results
Sort by:
Release Schedule and Release Policy
Timeline of maintenance and support for Plone releases. Last major policy update: 2024-01-15.
Plone 5.2.2 released
A bugfix release with many fixes and package version upgrades
Plone 5.2.3, Plone 5.1.7 and Plone 4.3.20 released!
Final releases to 4.3 and 5.1 series, along with the latest 5.2.3.
Plone 5.2.4 Released!
Check out the latest release to Plone 5.2 series, which includes new features to plone.restapi along with security fixes and other improvements.
Plone 5.2.5 Released!
Check out the latest release to Plone 5.2 series, which includes security fixes, Zope updates and other improvements
Stored XSS from user fullname
Stored XSS from file upload (svg, html)
XSS vulnerability in CMFDiffTool
Reflected XSS in various spots
Writing arbitrary files via docutils and Python Script
Information disclosures: mostly installation logs
Blind SSRF via feedparser accessing an internal URL
Server Side Request Forgery via event ical URL
Server Side Request Forgery via lxml parser
Remote Code Execution via traversal in expressions with aliases
Remote Code Execution via traversal in expressions part 2
Stored XSS in folder contents
Remote Code Execution via Python Scripts
Reflected XSS and Open Redirect in image_view_fullscreen
Hotfixes
Plone Hotfix list
Historical list of hotfixes for each Plone version
Plone Hotfix list
Release schedule link
The Plone Release pages try to point to /download/release-schedule, but it comes out as /release-schedule, so I created a link.
20230921
20230921
Denial of Service in plone.rest
Denial of Service when ++api++ is used many times.