Tag Archives: CVE

CVE-2021-35959 Stored XSS in Folder Contents on Plone 5-5.2.4

I’ve been testing some new Python-based CMSs and CMS-like software. I’ve heard of Plone before, but I never had a chance to check it out until now. I was a couple of days into my experimenting when I ran across this issue.

I have to say, the Plone team’s response was great. I got an almost immediate response from the security team, and a hotfix was pushed less than a week later.

Please see the following links for more information.