Security

All about Plone's baked-in security

About Plone Security

About Plone Security

10 reasons behind an extraordinary security track record of Plone.

Read more

Security Announcements

The Plone Security Team will announce and pre-announce all hotfixes via this URL.

Read more

Hotfixes

Plone Hotfix list

Read more

Report a Security Issue

If you think you found a security related problem, please report it responsibly.

Read more

Security update policy

Plone's security team releases periodic updates containing fixes and security improvements typically found through code audits. Serious vulnerabilities, especially those reported by external researchers, are fixed as soon as possible.

Read more
Common Vulnerabilities vs. Plone

Common Vulnerabilities vs. Plone

All about Plone's baked-in security

Read more

Security Team

About the Plone Security Team

Read more

Security track record

Measuring or quantifying security risks in software is hard — security is a process, not a product, and thus requires constant vigilance and good coding practices combined with security reviews. Yet we have never received a report of a serious vulnerability in Plone being exploited in the wild.

Read more
plonesecurity.png

plonesecurity.png

Read more

Plone Hotfix Descriptions

Descriptions of the individual hotfixes and the vulnerabilities they address.

Read more