Search results
34 results
Sort by:
Release Schedule and Release Policy
Timeline of maintenance and support for Plone releases. Last major policy update: 2024-01-15.
Plone 5.2.2 released
A bugfix release with many fixes and package version upgrades
Plone 5.2.3, Plone 5.1.7 and Plone 4.3.20 released!
Final releases to 4.3 and 5.1 series, along with the latest 5.2.3.
Plone 5.2.4 Released!
Check out the latest release to Plone 5.2 series, which includes new features to plone.restapi along with security fixes and other improvements.
Remote Code Execution via traversal in expressions with aliases
Remote Code Execution via traversal in expressions part 2
Writing arbitrary files via docutils and Python Script
Information disclosures: mostly installation logs
Stored XSS from file upload (svg, html)
Reflected XSS in various spots
XSS vulnerability in CMFDiffTool
Stored XSS from user fullname
Blind SSRF via feedparser accessing an internal URL
Server Side Request Forgery via event ical URL
Server Side Request Forgery via lxml parser
Stored XSS in folder contents
Remote Code Execution via Python Scripts
Plone 5.2.5 Released!
Check out the latest release to Plone 5.2 series, which includes security fixes, Zope updates and other improvements
Reflected XSS and Open Redirect in image_view_fullscreen
Hotfixes
Plone Hotfix list
Historical list of hotfixes for each Plone version
Plone Hotfix list
Release schedule link
The Plone Release pages try to point to /download/release-schedule, but it comes out as /release-schedule, so I created a link.
20230921
20230921
Denial of Service in plone.rest
Denial of Service when ++api++ is used many times.