|Category:||Web application abuses|
|Title:||Plone 5.0.0 <= 5.2.4 XSS Vulnerability|
|Summary:||Plone is prone to a cross-site scripting (XSS) vulnerability.|
Plone is prone to a cross-site scripting (XSS) vulnerability.
Editors are vulnerable to XSS in the folder contents view, if a
Contributor has created a folder with a SCRIPT tag in the description field.
Successful exploitation would allow an authenticated attacker to
Plone version 5.0.0 through 5.2.4.
Install hotfix package 1.5 or later.
Common Vulnerability Exposure (CVE) ID: CVE-2021-35959|
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.