CVE-2021-33507

CVE-2021-33507

EPSS 0.8%

Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://plone.org/security/hotfix/20210518/reflected-xss-in-various-spots http://www.openwall.com/lists/oss-security/2021/05/22/1