Skip to main content
Skip to navigation
Skip to footer
Why Plone
Why Plone
What is Plone?
Features
Plone 6
They use Plone
Extend Plone
Roadmap
Plone as a Headless CMS
Get Started
Get Started with Plone
Try Plone
Install Plone
Documentation
Training
Services
Services
Providers
Training
Community
Community
Bugs
Conferences
Contribute
Forum
Google Summer of Code
Online Chat
Support
Teams
Foundation
Plone Foundation
About the Plone Foundation
Board of Directors
Membership
Meetings
How to Sponsor Plone
Plone Event and Sprint Sponsorship Policy
Copyright, Licensing: Plone Code & Logo
Contact us
News & Events
News and Events
News
Events
Podcasts
The Plone Newsroom
Plone Podcast
Plone in Social Media
Plone YouTube channel
Conferences
Sprints
Plone Tune-Up Days
World Plone Day 2024
Plone Conference 2024
Join the Plone Newsletter
Try now
Home
/
Security
/
Plone Hotfix Descriptions
/
20200121
20200121
Issues fixed
Privilege escalation when plone.restapi is installed
SQL injection in DTML or in connection objects
XSS in the title field on plone 5.0 and higher.
Privilege escalation for overwriting content
An open redirection on the login form and possibly other places
Password strength checks were not always checked.
;