Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-33511

Disclosure Date: May 21, 2021 (last updated February 22, 2025)
Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo themes, Dexterity TTW schemas, and modeleditors in plone.app.theming, plone.app.dexterity, and plone.supermodel.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0