Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-29002

A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 exists in site-controlpanel via the "form.widgets.site_title" parameter.

2021-03-24T15:15:12.737

2024-11-21T06:00:30.217

Modified

CVSSv3.1: 5.4 (MEDIUM)

AV:N/AC:M/Au:S/C:N/I:P/A:N

6.8

2.9

Type	Vendor	Product	Version/Range	Vulnerable?
Application	plone	plone	5.2.3	Yes

https://github.com/plone/Products.CMFPlone/issues/3255 Exploit, Issue Tracking, Third Party Advisory ([email protected])
https://www.exploit-db.com/exploits/49668 Exploit, Third Party Advisory, VDB Entry ([email protected])
https://github.com/plone/Products.CMFPlone/issues/3255 Exploit, Issue Tracking, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/49668 Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)