Browse all 7 CVE security advisories affecting plone. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28413 | Products.isurlinportal: Possible open redirect when using more than 2 forward slashes — Products.isurlinportal, CWE-601 | 5.3 | Medium | 2026-03-05 |
| CVE-2025-61668 | @plone/volto vulnerable to potential DoS by invoking specific URL by anonymous user — volto, CWE-476 | 4.3 (AI) | Medium (AI) | 2025-10-02 |
| CVE-2025-58047 | Volto affected by possible DoS by invoking specific URL by anonymous user — volto, CWE-755 | 7.5 | High | 2025-08-28 |
| CVE-2023-42457 | plone.rest vulnerable to Denial of Service when ++api++ is used many times — plone.rest, CWE-400 | 7.5 | High | 2023-09-21 |
| CVE-2023-41048 | plone.namedfile vulnerable to Stored Cross Site Scripting with SVG images — plone.namedfile, CWE-80 | 3.7 | Low | 2023-09-21 |
| CVE-2022-24740 | Improper Authentication in Volto — volto, CWE-287 | 5.0 | Medium | 2022-03-14 |
| CVE-2021-32806 | URL Redirection to Untrusted Site ('Open Redirect') in Products.isurlinportal — Products.isurlinportal, CWE-601 | 6.5 | Medium | 2021-08-02 |
This page lists every published CVE security advisory associated with plone. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.