Security

All about Plone's baked-in security

About Plone Security

About Plone Security

10 reasons behind an extraordinary security track record of Plone.

Security Announcements

The Plone Security Team will announce and pre-announce all hotfixes via this URL.

Hotfixes

Plone Hotfix list

Report a Security Issue

If you think you found a security related problem, please report it responsibly.

Security update policy

Last major policy update: 2024-01-15.

Common Vulnerabilities vs. Plone

Common Vulnerabilities vs. Plone

All about Plone's baked-in security

Security Team

About the Plone Security Team

Security track record

Measuring or quantifying security risks in software is hard — security is a process, not a product, and thus requires constant vigilance and good coding practices combined with security reviews. Yet we have never received a report of a serious vulnerability in Plone being exploited in the wild.

Plone Hotfix Descriptions

Descriptions of the individual hotfixes and the vulnerabilities they address.